urlscan.io logo urlscan.io
SecurityTrails logo

petitroom-3.com Open in urlscan Pro
183.90.253.34  Public Scan

Go To Rescan Add Verdict Report
URL: https://petitroom-3.com/
Submission: On July 09 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 90 HTTP transactions. The main IP is 183.90.253.34, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is petitroom-3.com.
TLS certificate: Issued by R3 on May 10th 2021. Valid for: 3 months.
This is the only time petitroom-3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    183.90.253.34 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv1433.xserver.jp
petitroom-3.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    52.198.26.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
www23.a8.net
www16.a8.net
www17.a8.net
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
25    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Domain Requested by
28 petitroom-3.com petitroom-3.com
25 tpc.googlesyndication.com petitroom-3.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
petitroom-3.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com petitroom-3.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 s0.2mdn.net tpc.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www17.a8.net petitroom-3.com
1 www16.a8.net petitroom-3.com
1 www23.a8.net petitroom-3.com
1 www.googletagmanager.com petitroom-3.com
90 16

This site contains links to these domains. Also see Links.

Domain
feedly.com
px.a8.net
Subject Issuer Validity Valid
www.petitroom-3.com
R3		 2021-05-10 -
2021-08-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.a8.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-05-25 -
2022-06-26		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://petitroom-3.com/
Frame ID: A7AADECEB75AE00E69ED366DEC1D0421
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: C7EBFD6EA480C998AFC41C6516B5D6AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&adk=1812271804&adf=3025194257&lmt=1625797407&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpetitroom-3.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797406790&bpp=461&bdt=81&idt=596&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3403627838256&frm=20&pv=2&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=610
Frame ID: BCA97296E625B4DB7328437D36AFF09A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Frame ID: 91BAF543428DEBFFB595DDD9FBE79FB2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Frame ID: 22B3A7A6334A2B856502149731D8742C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Frame ID: BFBCA1B4B41559282E88ACF47486E149
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CzyNgH7PnYPmlIK-L7_UPwP6u0AKRvuybXq36_ciCCrbdwISGAhABILHL3C9glQKgAYfoq_QCyAEJqQK5XT1o69-zPqgDAcgDSKoE2AFP0L6SO6gcLbItIl7fqJn8rNvfw4xte42ZD1ny3ojVVlZWMa0oWtgt_wfzVXD0UM175dfB3_t9hrcMp2hQ1RfI4lFesIC8dcY5Av5noHk_fh3kRZqUlGh4PUJIJoPx9dwoV0Km1CZbQO3ofRJnUKT2Pkf538afH7JvPLCsvsD0X8aP1A9BFMCKWoXE9zStzlJCdv9gXzoGIyBSn68wWaa1JPN8mh0vonV5AqJREjKlAsb9vNmsJf5xNdISmEDTApVr91Xf35QRwtGpqBC86Yd0EPt6RS4DFLLABJD9mrmkApIFBAgEGAGSBQQIBRgEoAYugAfgltOLAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDsgwfSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTMwMzU1MTM0Mzg5OTUzMQ&sigh=3mGcnAF1eO0&template_id=419
Frame ID: F704998C2959B0A9122D90747FFCDCDD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AE12D6783175678EA79D042D1987FF90
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Frame ID: 2BA6283EABCF30E7F2569C6F57E24156
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E4BCB21D538B8C185DCE59DC8CDFBF3B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3DBA2D77B77266525673A0362ED3ADD1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4A0472A613B0A0F1B3FDE118B5D1344
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

90
Requests

100 %
HTTPS

79 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

1247 kB
Transfer

2393 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 81
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
petitroom-3.com/ 		38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
77c22158748b51a3e3c7a0cbac9865c16f24796fcc69269df9dae46c4f5ed804

Request headers

:method
GET
:authority
petitroom-3.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 09 Jul 2021 02:23:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://petitroom-3.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-79568801-1
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
751731083b3af2e988bcfec12adce9d80b0ab56e1b7b555fcbf44299b6b51ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36863
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Jul 2021 02:23:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dab87de59f22b0071438d367726f05a5119cfe596ccc9639e77afe9dc9d515e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48691
x-xss-protection
0
server
cafe
etag
17275011039004244248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 02:23:26 GMT
style.css
petitroom-3.com/wp-content/themes/simplicity2/ 		70 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/style.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
4065a681bd1cb1b41de006aa017dc110a14248bf245929e1d5f9244ef0c39544

Request headers

:path
/wp-content/themes/simplicity2/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"116ed-54ae8b26e6280"
vary
Accept-Encoding
content-type
text/css
responsive-pc.css
petitroom-3.com/wp-content/themes/simplicity2/css/ 		2 KB
948 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/css/responsive-pc.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
a9ceb0224cc39c679ee43c8cb1f37993dae2bf567ec80d8c51832578290c7e5b

Request headers

:path
/wp-content/themes/simplicity2/css/responsive-pc.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"84f-54ae8b26e6280"
vary
Accept-Encoding
content-type
text/css
font-awesome.min.css
petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

:path
/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"6b4a-54ae8b26e6280"
vary
Accept-Encoding
content-type
text/css
style.css
petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/ 		4 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
2aef878dbc7f0c16b6d4f0323041117838b056ee686ad74ce816214657119310

Request headers

:path
/wp-content/themes/simplicity2/webfonts/icomoon/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"f7d-54ae8b26e6280"
vary
Accept-Encoding
content-type
text/css
extension.css
petitroom-3.com/wp-content/themes/simplicity2/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/css/extension.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
f3b29881f7c9a70696f1d51f38c434205629e68d803c9c67ca015ae90d7ade09

Request headers

:path
/wp-content/themes/simplicity2/css/extension.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"2204-54ae8b26e6280"
vary
Accept-Encoding
content-type
text/css
style.css
petitroom-3.com/wp-content/themes/simplicity2-child/ 		157 B
289 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2-child/style.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
001752870f01e7631a31c0be7e93c6fb39b80a9247f50614b4138325b6bef36c

Request headers

:path
/wp-content/themes/simplicity2-child/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
last-modified
Fri, 17 Mar 2017 08:10:30 GMT
server
nginx
accept-ranges
bytes
etag
"9d-54ae8b601e980"
content-length
157
content-type
text/css
styles.css
petitroom-3.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2017 06:25:49 GMT
server
nginx
etag
W/"646-55ab2adbbd540"
vary
Accept-Encoding
content-type
text/css
jquery.js
petitroom-3.com/wp-includes/js/jquery/ 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-includes/js/jquery/jquery.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

:path
/wp-includes/js/jquery/jquery.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 09:29:55 GMT
server
nginx
etag
W/"17a6a-591caf6eb545b"
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
petitroom-3.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:26 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2016 21:11:28 GMT
server
nginx
etag
W/"2748-533386ae30000"
vary
Accept-Encoding
content-type
application/javascript
4642749_m-150x150.jpg
petitroom-3.com/wp-content/uploads/2021/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2021/05/4642749_m-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
4e1c72ad3ae6a849d53fe9e79f9f4d4cc5fc09467d074257311ba5e156c51159

Request headers

:path
/wp-content/uploads/2021/05/4642749_m-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 21 May 2021 08:32:17 GMT
server
nginx
accept-ranges
bytes
etag
"1977-5c2d2e5c653e2"
content-length
6519
content-type
image/jpeg
IMG_4923-150x150.jpg
petitroom-3.com/wp-content/uploads/2021/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2021/04/IMG_4923-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
4eeaa480509e6ba47f05ba62cf46e6ee834bada7c17fe6afdbdaeec9e6243a7c

Request headers

:path
/wp-content/uploads/2021/04/IMG_4923-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Tue, 06 Apr 2021 08:06:50 GMT
server
nginx
accept-ranges
bytes
etag
"1a2b-5bf494bebaca1"
content-length
6699
content-type
image/jpeg
IMG_4204-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2020/12/IMG_4204-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
0e26c948164ba483456110b0ffff9994a1644daeb96db9c6f3349898beecc3b6

Request headers

:path
/wp-content/uploads/2020/12/IMG_4204-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Mon, 07 Dec 2020 06:53:21 GMT
server
nginx
accept-ranges
bytes
etag
"97e1-5b5da4822dfff"
content-length
38881
content-type
image/jpeg
IMG_3998-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2020/10/IMG_3998-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
32e367ec71e96f0d9f0fb26153fa7333d7b4dc1118f3bc70f85455e860751b20

Request headers

:path
/wp-content/uploads/2020/10/IMG_3998-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Sat, 31 Oct 2020 07:58:23 GMT
server
nginx
accept-ranges
bytes
etag
"1391-5b2f2e09b7a72"
content-length
5009
content-type
image/jpeg
13%E6%97%A5%E7%9B%AE-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2020/10/13%E6%97%A5%E7%9B%AE-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
c3b08b7a65195dffb8293a29aa77d5a756334fcbac259d742c67b7bdf30c4fea

Request headers

:path
/wp-content/uploads/2020/10/13%E6%97%A5%E7%9B%AE-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Sat, 17 Oct 2020 08:21:02 GMT
server
nginx
accept-ranges
bytes
etag
"1d3f-5b1d98fd6d9ad"
content-length
7487
content-type
image/jpeg
pexels-pixabay-34702-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2020/10/pexels-pixabay-34702-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
ac2155b4d069162e22db4b3890769c10b096095fa949f8de1183ba55aaed09a5

Request headers

:path
/wp-content/uploads/2020/10/pexels-pixabay-34702-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Tue, 06 Oct 2020 08:05:39 GMT
server
nginx
accept-ranges
bytes
etag
"247c-5b0fc108a5142"
content-length
9340
content-type
image/jpeg
c2004-150x150.jpg
petitroom-3.com/wp-content/uploads/2020/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2020/09/c2004-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
7b5c6e6dcc7aaf85b42c5f44b05709680391b778a02bc4507c1bb340504ee65e

Request headers

:path
/wp-content/uploads/2020/09/c2004-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Sat, 12 Sep 2020 09:29:16 GMT
server
nginx
accept-ranges
bytes
etag
"2543-5af1a6f5e1fea"
content-length
9539
content-type
image/jpeg
nod10-150x150.jpg
petitroom-3.com/wp-content/uploads/2018/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2018/10/nod10-150x150.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
80fd2462d17008fe27ca99ba416a92f1337b7327707828d3592129bff057bde3

Request headers

:path
/wp-content/uploads/2018/10/nod10-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 05 Oct 2018 05:42:20 GMT
server
nginx
accept-ranges
bytes
etag
"f9b-57774bc24e700"
content-length
3995
content-type
image/jpeg
no-image.png
petitroom-3.com/wp-content/themes/simplicity2/images/ 		903 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/images/no-image.png
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
396067957f0521fcfcb16de6a2a5718a98bd0cddecc193ed518683ca92cc64d3

Request headers

:path
/wp-content/themes/simplicity2/images/no-image.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
accept-ranges
bytes
etag
"387-54ae8b26e6280"
content-length
903
content-type
image/png
bgt
www23.a8.net/svt/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www23.a8.net/svt/bgt?aid=191201333179&wid=001&eno=01&mid=s00000019198001018000&mc=1
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9b8f7e9c1018c6c3ceae5757e03555864eb0c0049c5182d9d745b21c61968c33

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Jul 2021 02:23:28 GMT
Server
Apache
Connection
keep-alive
Content-Length
159951
Content-Type
image/gif
0.gif
www16.a8.net/ 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www16.a8.net/0.gif?a8mat=35U3W5+2YKM2A+444S+626XT
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Jul 2021 02:23:28 GMT
Server
Apache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
0.gif
www17.a8.net/ 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www17.a8.net/0.gif?a8mat=35U3W5+2YKM2A+444S+BW8O2
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Jul 2021 02:23:28 GMT
Server
Apache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
javascript.js
petitroom-3.com/wp-content/themes/simplicity2/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/javascript.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
54192cf9443a6bdf81131a5878d810b3806966dc44285315cd81b22938376e69

Request headers

:path
/wp-content/themes/simplicity2/javascript.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"483f-54ae8b26e6280"
vary
Accept-Encoding
content-type
application/javascript
javascript.js
petitroom-3.com/wp-content/themes/simplicity2-child/ 		300 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2-child/javascript.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
410bbef10cc0a50e426c6cd819887a9b22cb9d412e1c92a40e5324907927c6e2

Request headers

:path
/wp-content/themes/simplicity2-child/javascript.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 17 Mar 2017 08:10:30 GMT
server
nginx
accept-ranges
bytes
etag
"12c-54ae8b601e980"
content-length
300
content-type
application/javascript
scripts.js
petitroom-3.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2017 06:25:49 GMT
server
nginx
etag
W/"3654-55ab2adbbd540"
vary
Accept-Encoding
content-type
application/javascript
wp-embed.min.js
petitroom-3.com/wp-includes/js/ 		1 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-includes/js/wp-embed.min.js
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 01:30:40 GMT
server
nginx
etag
W/"56a-5c00ced85c445"
vary
Accept-Encoding
content-type
application/javascript
print.css
petitroom-3.com/wp-content/themes/simplicity2/css/ 		1 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/css/print.css
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564

Request headers

:path
/wp-content/themes/simplicity2/css/print.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
etag
W/"52e-54ae8b26e6280"
vary
Accept-Encoding
content-type
text/css
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79568801-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3462
date
Fri, 09 Jul 2021 01:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 09 Jul 2021 03:25:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 		240 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91202
x-xss-protection
0
server
cafe
etag
7944902488587866712
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 02:23:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame C7EB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210701/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitroom-3.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://petitroom-3.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Jul 2021 22:29:07 GMT
expires
Thu, 22 Jul 2021 22:29:07 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
14059
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
inte1.jpg
petitroom-3.com/wp-content/uploads/2017/03/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2017/03/inte1.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
c8cbda8236e456a9d7f9522446c5edc10506a00782c4e37089b37f2aca575410

Request headers

:path
/wp-content/uploads/2017/03/inte1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 17 Mar 2017 08:27:08 GMT
server
nginx
accept-ranges
bytes
etag
"c21c-54ae8f17e2f00"
content-length
49692
content-type
image/jpeg
cropped-inte1.jpg
petitroom-3.com/wp-content/uploads/2017/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://petitroom-3.com/wp-content/uploads/2017/03/cropped-inte1.jpg
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
34dbf32ffd29959cee88c13596232d5af7c5513f847c673a598bf802916ebc17

Request headers

:path
/wp-content/uploads/2017/03/cropped-inte1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
petitroom-3.com
referer
https://petitroom-3.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 17 Mar 2017 08:27:27 GMT
server
nginx
accept-ranges
bytes
etag
"38da-54ae8f2a019c0"
content-length
14554
content-type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ba0e0468290efccde7ac41afff618243e60020f5228312ff8d38368f0916d74

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
icomoon.ttf
petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/icomoon.ttf?szquq3
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
5941d6cbaf28a4b41cf3b6bbc4e200ca1890b69071e9a102b76a3669bb7faef3

Request headers

:path
/wp-content/themes/simplicity2/webfonts/icomoon/fonts/icomoon.ttf?szquq3
pragma
no-cache
origin
https://petitroom-3.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
petitroom-3.com
referer
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://petitroom-3.com
Referer
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
accept-ranges
bytes
etag
"4590-54ae8b26e6280"
content-length
17808
content-type
application/font-sfnt
fontawesome-webfont.woff2
petitroom-3.com/wp-content/themes/simplicity2/webfonts/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.90.253.34 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1433.xserver.jp
Software
nginx /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

:path
/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.5.0
pragma
no-cache
origin
https://petitroom-3.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
petitroom-3.com
referer
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://petitroom-3.com
Referer
https://petitroom-3.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
last-modified
Fri, 17 Mar 2017 08:09:30 GMT
server
nginx
accept-ranges
bytes
etag
"10440-54ae8b26e6280"
content-length
66624
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1668914174&t=pageview&_s=1&dl=https%3A%2F%2Fpetitroom-3.com%2F&ul=en-us&de=UTF-8&dt=Petitroom%E3%80%80No.3%20%7C%20%E3%81%A1%E3%82%87%E3%81%A3%E3%81%A8%E3%81%97%E3%81%9F%E5%B7%A5%E5%A4%AB%E3%81%A7%E6%AF%8E%E6%97%A5%E3%81%AE%E7%94%9F%E6%B4%BB%E3%82%92%E6%A5%BD%E3%81%97%E3%81%8F%E3%81%97%E3%81%9F%E3%81%84%EF%BC%81%E8%87%AA%E3%82%89%E3%81%AE%E5%BF%98%E5%82%99%E9%8C%B2%E3%81%A0%E3%81%91%E3%81%A7%E3%81%AA%E3%81%8F%E3%81%8A%E5%BD%B9%E7%AB%8B%E3%81%A1%E3%82%B5%E3%82%A4%E3%83%88%E7%9B%AE%E6%8C%87%E3%81%97%E3%81%A6%E3%81%BE%E3%81%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2132479523&gjid=1627682298&cid=493918411.1625797407&tid=UA-79568801-1&_gid=25754888.1625797407&_r=1&gtm=2ou770&z=215679357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 02:23:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://petitroom-3.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=petitroom-3.com&callback=_gfp_s_&client=ca-pub-5303551343899531
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
fc1419fe6773ab1e4b77ea6ed34fed1447a191952702472085700dc87d23a9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=petitroom-3.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=petitroom-3.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BCA9 		30 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&adk=1812271804&adf=3025194257&lmt=1625797407&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpetitroom-3.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797406790&bpp=461&bdt=81&idt=596&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3403627838256&frm=20&pv=2&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=610
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1a45f8130ff959aa9a7269118def429057b95fd88f88f66cfc5408677e5912e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5303551343899531&output=html&adk=1812271804&adf=3025194257&lmt=1625797407&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpetitroom-3.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797406790&bpp=461&bdt=81&idt=596&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3403627838256&frm=20&pv=2&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=610
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitroom-3.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://petitroom-3.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 09 Jul 2021 02:23:27 GMT
server
cafe
content-length
1778
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 09-Jul-2021 02:38:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Jul 2021 02:23:27 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657948508962"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:23:27 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-79568801-1&cid=493918411.1625797407&jid=2132479523&gjid=1627682298&_gid=25754888.1625797407&_u=YEBAAUAAAAAAAC~&z=1928881369
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Jul 2021 02:23:27 GMT
content-type
text/plain
access-control-allow-origin
https://petitroom-3.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=petitroom-3.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=petitroom-3.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 91BA 		94 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
373447f99b3c001103828a999f977e7faa22cbbbe691bb964a7baaf9fd2d8d26
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLj5zqf31PECFVDQuwgdnYwMBg&gqi=H7PnYNawH7eV9u8Pj-ePuAc&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitroom-3.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://petitroom-3.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLj5zqf31PECFVDQuwgdnYwMBg&gqi=H7PnYNawH7eV9u8Pj-ePuAc&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 09 Jul 2021 02:23:28 GMT
server
cafe
content-length
34442
x-xss-protection
0
set-cookie
IDE=AHWqTUnhzsSurn_RylX_Nc9Sp0Rw74FEJFaYfdU5pezDynj2l_-DZ-jPIxc-u4_oBiw; expires=Wed, 03-Aug-2022 02:23:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Jul 2021 02:23:28 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 22B3 		121 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c66401b9648f1ce6e8127266e1ae59514029f82ac26025ca3393e914528039
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmxz6f31PECFa_FuwgdQL8LKg&gqi=H7PnYNXoH9DU7_UP4J2CqAI&layout=/sadbundle/%24csp%253Der3%24/13762655025483973213/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitroom-3.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://petitroom-3.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmxz6f31PECFa_FuwgdQL8LKg&gqi=H7PnYNXoH9DU7_UP4J2CqAI&layout=/sadbundle/%24csp%253Der3%24/13762655025483973213/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 09 Jul 2021 02:23:27 GMT
server
cafe
content-length
40091
x-xss-protection
0
set-cookie
IDE=AHWqTUkfZbi_irhg_MbMJvmjOkuE9DOj9rM_OuE2V5TcwkDajcsEIBzwTkTxY3-ages; expires=Wed, 03-Aug-2022 02:23:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Jul 2021 02:23:27 GMT
cache-control
private
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eecef32ca9718864bd2c5bba624b581b76583d792289db0107880be093814b5b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/13762655025483973213/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3166
date
Tue, 06 Jul 2021 12:14:07 GMT
expires
Wed, 06 Jul 2022 12:14:07 GMT
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
223760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame F704 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzyNgH7PnYPmlIK-L7_UPwP6u0AKRvuybXq36_ciCCrbdwISGAhABILHL3C9glQKgAYfoq_QCyAEJqQK5XT1o69-zPqgDAcgDSKoE2AFP0L6SO6gcLbItIl7fqJn8rNvfw4xte42ZD1ny3ojVVlZWMa0oWtgt_wfzVXD0UM175dfB3_t9hrcMp2hQ1RfI4lFesIC8dcY5Av5noHk_fh3kRZqUlGh4PUJIJoPx9dwoV0Km1CZbQO3ofRJnUKT2Pkf538afH7JvPLCsvsD0X8aP1A9BFMCKWoXE9zStzlJCdv9gXzoGIyBSn68wWaa1JPN8mh0vonV5AqJREjKlAsb9vNmsJf5xNdISmEDTApVr91Xf35QRwtGpqBC86Yd0EPt6RS4DFLLABJD9mrmkApIFBAgEGAGSBQQIBRgEoAYugAfgltOLAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDsgwfSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTMwMzU1MTM0Mzg5OTUzMQ&sigh=3mGcnAF1eO0&template_id=419
Requested by
Host: petitroom-3.com
URL: https://petitroom-3.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 09 Jul 2021 02:23:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame F704 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 02:11:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame F704 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 02:17:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F704 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:23:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame F704 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 01:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2078
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 01:48:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AE12 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkfZbi_irhg_MbMJvmjOkuE9DOj9rM_OuE2V5TcwkDajcsEIBzwTkTxY3-ages
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Jul 2021 01:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame F704 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmxz6f31PECFa_FuwgdQL8LKg&gqi=H7PnYNXoH9DU7_UP4J2CqAI&layout=/sadbundle/%24csp%253Der3%24/13762655025483973213/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 02:23:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F704 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c578988ffc902b9eec940013e53b62cf8f8019b77263e50d96718cbd300b6af9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BFBC 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BFBC 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 12:37:33 GMT
HYPE-648.thin.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/HYPE-648.thin.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
209743
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23314
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 16:07:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 16:07:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame 91BA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 02:11:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 91BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 02:17:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91BA 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657928851490"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37883
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:23:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame 91BA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 01:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 01:48:49 GMT
l
www.google.com/ads/measurement/ Frame 91BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0uFa9X4GeODALR7zaoMp6J5W5AYJR1LmtKRPIGwL8Ce2RBaWXkOY6eDakbRer8eVn4FDgcRxOW_TUbDV7zqv036rZGg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 2BA6 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16986808040249150219/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2990
date
Tue, 06 Jul 2021 15:58:35 GMT
expires
Wed, 06 Jul 2022 15:58:35 GMT
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 91BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqmzMH7PnYPjtH9Cg7_UPnZmyMI2k8qRh7qqD3qsNs_n9q9sWEAEgscvcL2CVAqABo9awxAPIAQmpAjOlO7mF4LM-qAMByANIqgTQAU_QNCRsy_ZJ1EE7l7GvWEGJ3noaSOmPvixvQlaabqPMaYpfTq2I523-2sjDDFM5ZhSRj3LDKjKeYEpFOD-rHY-MPCrvTPimYi0I3kAiB1iv3d3i9nqTryrZODPbdhjn3O_fsgG9phpR9evzmkyYUg6kINSUEK51Sa5qT6dNtu-7SIJUmfhyZbE_HfV3JyUFztPt5T_swPvOsX-3fq68UWz43siGePsu-2370hUFjrrHS5pV9lqDEAShWRvo3FUjHuoaq5VoVwbw1tIF-zKIGazABMfPtL6yApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfFqc87qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEK7iIdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi01MzAzNTUxMzQzODk5NTMx&sigh=GGDyeM55tjk&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 09 Jul 2021 02:23:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame AE12
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=153&adk=1150655209&adf=3218537085&pi=t.aa~a.3748265432~rp.4&w=680&lmt=1625797407&nsk=c48e4982&rafmt=11&pwprc=7085179773&psa=0&ad_type=text_image&format=680x153&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=1&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0%2C300x600&nras=3&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=1342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rqd1pZD3Xi&p=https%3A//petitroom-3.com&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnhzsSurn_RylX_Nc9Sp0Rw74FEJFaYfdU5pezDynj2l_-DZ-jPIxc-u4_oBiw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 09 Jul 2021 02:23:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 09-Jul-2021 03:23:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Jul 2021 02:23:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 09 Jul 2021 02:23:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame E4BC 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnhzsSurn_RylX_Nc9Sp0Rw74FEJFaYfdU5pezDynj2l_-DZ-jPIxc-u4_oBiw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Jul 2021 01:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 91BA 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLj5zqf31PECFVDQuwgdnYwMBg&gqi=H7PnYNawH7eV9u8Pj-ePuAc&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 02:23:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 91BA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17ab20480287099ba69d470f15ad45bd5518de36085f88ecb1b5c643889f13bf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
fischers-fritze-armband-segeltau-garnele-schwarz_930x180_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-armband-segeltau-garnele-schwarz_930x180_1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11e985b3052675be83763307225b0be3cb4e297cc034fc14787c6ed412d52f0b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
280873
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20580
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Mon, 05 Jul 2021 20:22:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 20:22:15 GMT
fischers-fritze-armband-leder-garnele-braun_930x180_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-armband-leder-garnele-braun_930x180_2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e67d7865e603df14559c911af63fa363780bd35bcdaf826495528706cf487f0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
267718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22136
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 00:01:30 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 00:01:30 GMT
fischers-fritze-armband-segeltau-garnele-rot_930x180_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-armband-segeltau-garnele-rot_930x180_3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e1fbe94a44c01febabaeca4dd15ef3e6148cfee4b507d2f10e7a690a5f18913
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
285760
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24489
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Mon, 05 Jul 2021 19:00:48 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires
Tue, 05 Jul 2022 19:00:48 GMT
fischers-fritze-entdecken_930x180_btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		917 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-entdecken_930x180_btn.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc67119b24683bf39f35d73e1ec8ff040ddb175a35d5e6fb516dcd9b202d322d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
233876
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
917
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 09:25:32 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:25:32 GMT
fischers-fritze-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d260a43ba0f6ae58183a49c9abe68010def8990e98795f3f79b6a662bf73e8b3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
267718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2606
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 00:01:30 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 00:01:30 GMT
fischers-fritze-manufaktur-armband_930x180_mood-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-manufaktur-armband_930x180_mood-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6de414ba4973b2d8efffc4b9088b707adecfa2af101a824fa3a5dcfa5fe03757
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
233875
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14395
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 09:25:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:25:33 GMT
fischers-fritze-manufaktur-armband_930x180_mood-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-manufaktur-armband_930x180_mood-2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85ab0dd72292cba70238dbb389b7a913a4ee1764fc609488654f677f2121ccbb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
223298
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8518
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 12:21:50 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 12:21:50 GMT
fischers-fritze-930x180_txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/ Frame BFBC 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/fischers-fritze-930x180_txt.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13762655025483973213/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e571677260da837d0756709f101d1a61ed7c7910b0e56d0d79bf8341ba80e8b7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
233875
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5630
x-xss-protection
0
last-modified
Thu, 29 Aug 2019 11:25:10 GMT
server
sffe
date
Tue, 06 Jul 2021 09:25:33 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:25:33 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2BA6 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2BA6 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 09 Jul 2021 12:37:33 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2BA6 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 02:23:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E4BC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5303551343899531&output=html&h=600&adk=1901388290&adf=1218851631&pi=t.aa~a.573379464~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1625797407&rafmt=1&to=qs&pwprc=7085179773&psa=0&format=300x600&url=https%3A%2F%2Fpetitroom-3.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625797407496&bpp=1&bdt=787&idt=-M&shv=r20210701&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbc0c6556033d774-2221e28466c90050%3AT%3D1625797407%3ART%3D1625797407%3AS%3DALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg&prev_fmts=0x0&nras=2&correlator=3403627838256&frm=20&pv=1&ga_vid=493918411.1625797407&ga_sid=1625797407&ga_hid=1668914174&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1035&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C21065724&oid=3&pvsid=3202371394443180&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=riK29PUh5T&p=https%3A//petitroom-3.com&dtd=8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnhzsSurn_RylX_Nc9Sp0Rw74FEJFaYfdU5pezDynj2l_-DZ-jPIxc-u4_oBiw; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 09 Jul 2021 02:23:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 09-Jul-2021 03:23:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Jul 2021 02:23:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 09 Jul 2021 02:23:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
pagead2.googlesyndication.com/bg/ Frame BFBC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 11:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
53738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13211
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Jul 2022 11:27:50 GMT
imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 2BA6 		989 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/imagesuv0myt5eb1rnnbxsp1ds.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
232242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
989
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
server
sffe
date
Tue, 06 Jul 2021 09:52:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 09:52:46 GMT
18b0007183d0bb7a5606546c7ff0290f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 2BA6 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/18b0007183d0bb7a5606546c7ff0290f.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
268200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119162
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
server
sffe
date
Mon, 05 Jul 2021 23:53:28 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 23:53:28 GMT
kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
pagead2.googlesyndication.com/bg/ Frame 2BA6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 11:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
53738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13211
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Jul 2022 11:27:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6208d8153c9dee6f1773ef8daca79b40097e4e77c0018c6d76765b1fccddef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 02:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8484
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5303551343899531&plah=petitroom-3.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:23:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3DBA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitroom-3.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://petitroom-3.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 08 Jul 2021 23:22:08 GMT
expires
Fri, 08 Jul 2022 23:22:08 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A4A0 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
93c2f45a67bb8171b83562785b72cc96a3c3caf2fcfeced2f2ac9839d0670efa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xv84ekOSCB6RXwVzuC4glw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://petitroom-3.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://petitroom-3.com/

Response headers

expires
Fri, 09 Jul 2021 02:23:29 GMT
date
Fri, 09 Jul 2021 02:23:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-xv84ekOSCB6RXwVzuC4glw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
pagead2.googlesyndication.com/bg/ Frame 3DBA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 11:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
53739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13211
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Jul 2022 11:27:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=3202371394443180&bg=!7u2l7anNAAbV4AdB1eA7ACkAdvg8WiAUC1WwIpWCEdE_HFo4m-e6bfyBFWyx5p5LB2-8RG1Z1WuO7wIAAABIUgAAAAdoAQeZAnImEYWQzaEPEWrju25wm-C8P-RdL3t0nnP1nihoNLHGNBADJ22oKW46rRGaXwKvyq9N-ht92oR0EcblLZPKK_c5VORrBsLTtSk222iKL-DF0EKb5IaoW9ozeZgbZcegqbFhfAUmL9wmqpl1wBw3TWeic8GVhibq8sYhjVSKBhY2h2mdUhUZZqPEgdiJMmmwt7Js4reIhJoEjjDcgja070u5W5DyD5A03NvD82CtIFHalM6waeASw60kLwQ82RTU-RFHcpoz9c4RQiH1tBoCm0tkkEKgCQ_n6lnlGhCTa4ApEmfjY_G-XPCuJXXvZrRBn4dzaqeusW8A37hOVSoQrYI5IhuGkIsKI5g-q0YY9bQvcKm9imjVk3XJt-jTk8oaV672IGzV8u-IhC0DA_VKX3rGY45lqycafJPjp9KBYtMrybiZV4zghY_Xg1iV_a1FjQz8ehoEs07XAGTJqJBN2yJWWX7nM4GeVma_plY5QKv-kHTmrgXvbcU3FRpKz_u38iQNzYincBVbfZ2tMYanmhVSwYX7wFxtu2Kgp2nTyWDbWCzUFen89LpLUn3ezrGC6CevP5E-PX-ObLEIRvBxOwkOmOagGVkIELK415KToj9qh9I1FnXE1ntaRjiFJL2-C5kG2WFsIT-DF-WakR3wr0P2m5YpYd9A4udDdeVLi1aVpAEHxDzu231wthB-EoM0zch7_PCGB6fCEMRmcnR5Wgl05-JeuopLLSwPgnKfhv3nLRKpBYf31im0UfYT80L4keRWJZ_r6PsnC840BOI0j1voIv7fM-qpCWxVh_I-iDRhZMic55VJu3UON2jtCRaG0I4GFQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://petitroom-3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 02:23:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| adsbygoogle object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map object| wpcf7 object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_lpabyc object| wp number| wrapperTop object| wrapperHeight number| sidebarHeight function| fetch_twitter_count_from_count_jsoon function| fetch_facebook_count function| fetch_google_plus_count function| fetch_hatebu_count function| fetch_pocket_count function| fetch_feedly_count function| fetch_push7_count function| doMasonry function| adjast_article_like_arrow_box object| jQuery112406151466878074734 object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnhzsSurn_RylX_Nc9Sp0Rw74FEJFaYfdU5pezDynj2l_-DZ-jPIxc-u4_oBiw
.petitroom-3.com/ Name: __gads
Value: ID=cbc0c6556033d774-2221e28466c90050:T=1625797407:RT=1625797407:S=ALNI_Ma-7PT3eC3pUi6gol2s5LU_pYn_tg
.petitroom-3.com/ Name: _gat_gtag_UA_79568801_1
Value: 1
.petitroom-3.com/ Name: _gid
Value: GA1.2.25754888.1625797407
.petitroom-3.com/ Name: _ga
Value: GA1.2.493918411.1625797407

1 Console Messages

Source Level URL
Text
console-api log URL: https://petitroom-3.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
petitroom-3.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www16.a8.net
www17.a8.net
www23.a8.net
142.250.185.66
183.90.253.34
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:400c:c04::9c
52.198.26.114
001752870f01e7631a31c0be7e93c6fb39b80a9247f50614b4138325b6bef36c
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
0e26c948164ba483456110b0ffff9994a1644daeb96db9c6f3349898beecc3b6
11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f
11e985b3052675be83763307225b0be3cb4e297cc034fc14787c6ed412d52f0b
17ab20480287099ba69d470f15ad45bd5518de36085f88ecb1b5c643889f13bf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e67d7865e603df14559c911af63fa363780bd35bcdaf826495528706cf487f0
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
2aef878dbc7f0c16b6d4f0323041117838b056ee686ad74ce816214657119310
2ba0e0468290efccde7ac41afff618243e60020f5228312ff8d38368f0916d74
2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592
2dab87de59f22b0071438d367726f05a5119cfe596ccc9639e77afe9dc9d515e
32e367ec71e96f0d9f0fb26153fa7333d7b4dc1118f3bc70f85455e860751b20
34dbf32ffd29959cee88c13596232d5af7c5513f847c673a598bf802916ebc17
373447f99b3c001103828a999f977e7faa22cbbbe691bb964a7baaf9fd2d8d26
396067957f0521fcfcb16de6a2a5718a98bd0cddecc193ed518683ca92cc64d3
4065a681bd1cb1b41de006aa017dc110a14248bf245929e1d5f9244ef0c39544
410bbef10cc0a50e426c6cd819887a9b22cb9d412e1c92a40e5324907927c6e2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e1c72ad3ae6a849d53fe9e79f9f4d4cc5fc09467d074257311ba5e156c51159
4eeaa480509e6ba47f05ba62cf46e6ee834bada7c17fe6afdbdaeec9e6243a7c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54192cf9443a6bdf81131a5878d810b3806966dc44285315cd81b22938376e69
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
5941d6cbaf28a4b41cf3b6bbc4e200ca1890b69071e9a102b76a3669bb7faef3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de414ba4973b2d8efffc4b9088b707adecfa2af101a824fa3a5dcfa5fe03757
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
751731083b3af2e988bcfec12adce9d80b0ab56e1b7b555fcbf44299b6b51ab4
77c22158748b51a3e3c7a0cbac9865c16f24796fcc69269df9dae46c4f5ed804
77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564
7b5c6e6dcc7aaf85b42c5f44b05709680391b778a02bc4507c1bb340504ee65e
7e1fbe94a44c01febabaeca4dd15ef3e6148cfee4b507d2f10e7a690a5f18913
80fd2462d17008fe27ca99ba416a92f1337b7327707828d3592129bff057bde3
85ab0dd72292cba70238dbb389b7a913a4ee1764fc609488654f677f2121ccbb
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
93c2f45a67bb8171b83562785b72cc96a3c3caf2fcfeced2f2ac9839d0670efa
9b8f7e9c1018c6c3ceae5757e03555864eb0c0049c5182d9d745b21c61968c33
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c66401b9648f1ce6e8127266e1ae59514029f82ac26025ca3393e914528039
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9ceb0224cc39c679ee43c8cb1f37993dae2bf567ec80d8c51832578290c7e5b
ac2155b4d069162e22db4b3890769c10b096095fa949f8de1183ba55aaed09a5
aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9
c3b08b7a65195dffb8293a29aa77d5a756334fcbac259d742c67b7bdf30c4fea
c578988ffc902b9eec940013e53b62cf8f8019b77263e50d96718cbd300b6af9
c8cbda8236e456a9d7f9522446c5edc10506a00782c4e37089b37f2aca575410
cc67119b24683bf39f35d73e1ec8ff040ddb175a35d5e6fb516dcd9b202d322d
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d1a45f8130ff959aa9a7269118def429057b95fd88f88f66cfc5408677e5912e
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d260a43ba0f6ae58183a49c9abe68010def8990e98795f3f79b6a662bf73e8b3
d6208d8153c9dee6f1773ef8daca79b40097e4e77c0018c6d76765b1fccddef6
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
e571677260da837d0756709f101d1a61ed7c7910b0e56d0d79bf8341ba80e8b7
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
eecef32ca9718864bd2c5bba624b581b76583d792289db0107880be093814b5b
f3b29881f7c9a70696f1d51f38c434205629e68d803c9c67ca015ae90d7ade09
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1
fc1419fe6773ab1e4b77ea6ed34fed1447a191952702472085700dc87d23a9e4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995