planetesciences.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://planetesciences.fr.gd/pharmacologie.htm
Effective URL:
https://planetesciences.fr.gd/pharmacologie.htm
Submission: On March 10 via api (March 10th 2024, 10:10:58 pm UTC) from US — Scanned from US

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 46 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is planetesciences.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time planetesciences.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	193.238.27.28 193.238.27.28	15598 (IPX-AS15598) (IPX-AS15598)
8	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
4	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	54.157.58.70 54.157.58.70	14618 (AMAZON-AES) (AMAZON-AES)
3	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:cc74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
1	18.135.30.211 18.135.30.211	16509 (AMAZON-02) (AMAZON-02)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
2	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
1 3	18.193.148.116 18.193.148.116	16509 (AMAZON-02) (AMAZON-02)
1 2	3.127.102.51 3.127.102.51	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
3	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
46	18

3 193.238.27.28 (Germany) 1 redirects

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd

planetesciences.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.223.113 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.157.58.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-58-70.compute-1.amazonaws.com

www.oswd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.223.114 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:cc74 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.30.211 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-30-211.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

fwd.fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.148.116 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-148-116.eu-central-1.compute.amazonaws.com

redokan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.102.51 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-102-51.eu-central-1.compute.amazonaws.com

yazary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.secprf2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	227 KB
7	webme.com theme.webme.com img.webme.com — Cisco Umbrella Rank: 720425	12 KB
3	redokan.com 1 redirects redokan.com — Cisco Umbrella Rank: 368721	35 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 132628	2 KB
3	fwdtrk.com fwdtrk.com fwd.fwdtrk.com	182 KB
3	fr.gd 1 redirects planetesciences.fr.gd	358 KB
2	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 61242	4 KB
2	secprf2.com 1 redirects r.secprf2.com — Cisco Umbrella Rank: 139833	2 KB
2	yazary.com 1 redirects yazary.com	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2 Failed	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	10 KB
2	oswd.org www.oswd.org
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 60854	77 KB
1	asrv205.com asrv205.com	1 KB
0	bessergesund.de Failed www.bessergesund.de Failed
0	free.fr Failed uplofile.free.fr Failed
46	16

	Domain	Requested by
8	pagead2.googlesyndication.com	planetesciences.fr.gd pagead2.googlesyndication.com tpc.googlesyndication.com
4	theme.webme.com	planetesciences.fr.gd
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	redokan.com	1 redirects visifeed.org redokan.com
3	visifeed.org	fwdtrk.com visifeed.org
3	img.webme.com	planetesciences.fr.gd
3	planetesciences.fr.gd	1 redirects planetesciences.fr.gd
2	t.adcell.com	1 redirects r.secprf2.com
2	r.secprf2.com	1 redirects yazary.com
2	yazary.com	1 redirects redokan.com
2	fwd.fwdtrk.com	fwdtrk.com fwd.fwdtrk.com
2	www.google.com	client planetesciences.fr.gd tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.oswd.org	planetesciences.fr.gd
1	fwdtrk.com	asrv205.com
1	track.webgains.com	asrv205.com
1	asrv205.com	planetesciences.fr.gd
0	www.bessergesund.de Failed	t.adcell.com
0	uplofile.free.fr Failed	planetesciences.fr.gd
46	19

This site contains links to these domains. Also see Links.

Domain
www.histats.com
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
misc.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
www.oswd.org R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
img.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
fwdtrk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
fwd.fwdtrk.com GTS CA 1D4	`2024-02-11` - `2024-05-11`	3 months	crt.sh
visifeed.org R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
redokan.com R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
yazary.com Amazon RSA 2048 M03	`2023-09-18` - `2024-10-17`	a year	crt.sh
secprf2.com GTS CA 1P5	`2024-02-07` - `2024-05-07`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://planetesciences.fr.gd/pharmacologie.htm
Frame ID: 3781EBD13F40301BC5AA58F792C6A5C3
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: 488B9FEB1FAF52967FF25D4B1538A132
Requests: 1 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 44DB5A0A4DEC7B5E952AEAB8C0EC6319
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4959484524710631&output=html&adk=1812271804&adf=3025194257&lmt=1710108653&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fplanetesciences.fr.gd%2Fpharmacologie.htm&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710108653212&bpp=6&bdt=166&idt=540&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8318141350316&frm=20&pv=2&ga_vid=1936050409.1710108654&ga_sid=1710108654&ga_hid=1657271252&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081613%2C31081645%2C95326316%2C31081690%2C95321963%2C95324160%2C95325784%2C95326935&oid=2&pvsid=1084853157392717&tmod=1792129966&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=690
Frame ID: C907E3FB166BBC562C7353DE68E9F47C
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTUsImNyZWF0aXZlX2lkIjoyNCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcxMDEwODY1M30%3D
Frame ID: 5291392A450D90DD3464A01351876F7E
Requests: 3 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb081&ci=yCZv3Mx%3C&its=9F%5Bt%2ALr5d4bB%7EQD%3BvfPWbW%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: C4B70CEB1750A1180BD4B7FEB6FC1862
Requests: 2 HTTP requests in this frame

Frame: https://www.bessergesund.de/?bid=353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba&adcref=r.secprf2.com%2F
Frame ID: 10C559FB1EE1D90E2A96299475505D7E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 573E04FE3A9E0DE3EFB350CA2EAD7EF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8D4DBC85606FC7CA324E663FD9DB559
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

L'encyclopédie des Sciences - Pharmacologie

Page URL History Show full URLs

http://planetesciences.fr.gd/pharmacologie.htm HTTP 301
https://planetesciences.fr.gd/pharmacologie.htm Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

46
Requests

85 %
HTTPS

41 %
IPv6

16
Domains

19
Subdomains

18
IPs

4
Countries

913 kB
Transfer

2478 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.histats.com/

Search URL Search Domain Scan URL

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://planetesciences.fr.gd/pharmacologie.htm HTTP 301
https://planetesciences.fr.gd/pharmacologie.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTExIFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://yazary.com/de/y?t=bessergesund.de&cid=b745c33e9409aa84bf0a7838cd88a0fb4a31f736ab53d8ed30df13f07060647f&identifier=1f18cd2bad3ceea4 HTTP 302
https://yazary.com/de/search/bessergesund.de

Request Chain 34

https://r.secprf2.com/v1/redirect?url=https://bessergesund.de&api_key=4c73510dbf6df5d9f09c2cf78850dc02&site_id=7d358a6a5c5c44b4abe17fe1a9420357&type=url&source=https://yazary.com/de/search/bessergesund.de&yk_tag=b745c33e9409aa84bf0a7838cd88a0fb4a31f736ab53d8ed30df13f07060647f HTTP 302
https://r.secprf2.com/v2/go?t=atep1%3A9%2F8.edbe2l4c8m7p7c1i0kbpeo5o1d1303473%26vldtbds4e3.2npsrgme%3Dstbp2%25FA%2523%25sFtehs0raeau%26d2d7%26%3DuIIo%3Ds0809050%3D4I8m7re%3Fdcelf%2Fd%2F4o3.8l3caact9%2F1s7tbh&e=1&ai=920ff1077e894eeab2529e4ce6cf92c2&sct=0&ct=1710108656270&cu=7eebd0e1f7d74834823baec899117eba&cs=8ae5f437379dbe1ef2a0a418946e032c

Request Chain 36

https://t.adcell.com/p/click?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba HTTP 302
https://t.adcell.com/forward?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba&referer=https%3A%2F%2Fr.secprf2.com%2F

Request Chain 43

https://t.adcell.com/p/click?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba&referer=https%3A%2F%2Fr.secprf2.com%2F&fp=ae55904495b1873a6ad968986f0bebef HTTP 302
https://bessergesund.de/?bid=353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba&adcref=r.secprf2.com%2F HTTP 301
https://www.bessergesund.de/?bid=353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba&adcref=r.secprf2.com%2F

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request pharmacologie.htm Show response
planetesciences.fr.gd/
Redirect Chain

http://planetesciences.fr.gd/pharmacologie.htm
https://planetesciences.fr.gd/pharmacologie.htm

1 MB
358 KB

748ms
353ms

Document
text/html

193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: 7a6268e23b2805ab4f1949b732a1326d2cb8b0246f6292b743472f2e7306a8e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Sun, 10 Mar 2024 22:10:52 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 731908474
X-wm-1: b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 10 Mar 2024 22:10:52 GMT
Location: https://planetesciences.fr.gd/pharmacologie.htm
Server: Varnish
X-Varnish: 721126183

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 99ms
77ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4959484524710631&host=ca-host-pub-1483906849246906

Requested by

Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c4bd57322caa2a6d94ec1b7d1b94845ea8363c83752512f5a8bd17ca134e462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://planetesciences.fr.gd/
Origin: https://planetesciences.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51030
x-xss-protection: 0
server: cafe
etag: 7113917077874286199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 10 Mar 2024 22:10:53 GMT

GET
H/1.1 200
OK navi_ende.gif
theme.webme.com/designs/iceblue/images/ 4 KB
4 KB 485ms
92ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/iceblue/images/navi_ende.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 22:10:53 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 40708
Content-Type: image/gif
X-Varnish: 646229348, 85694192 61473441
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3928
Expires: Sun, 21 Apr 2024 10:52:24 GMT

GET
H/1.1 404
Not Found page-header.jpg
www.oswd.org/files/designs/3365/three_quarters/ 0
0 90ms
16ms Image
text/html 54.157.58.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oswd.org/files/designs/3365/three_quarters/page-header.jpg
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.58.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-58-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H/1.1 404
Not Found navfire.gif
img.webme.com/pic/s/success4you/ 0
0 482ms
88ms Image
text/html 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/s/success4you/navfire.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H/1.1 404
Not Found blackwhite.gif
img.webme.com/pic/s/success4you/ 0
0 472ms
88ms Image
text/html 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/s/success4you/blackwhite.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/ 405 KB
137 KB 102ms
91ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js?bust=31081690

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4959484524710631&host=ca-host-pub-1483906849246906

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6480a4e3f8cf2f69f7894831c1a77cd66f7026b0584b20addd349d9fb11223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140661
x-xss-protection: 0
server: cafe
etag: 6254425263649444675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 22:10:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 488B 9 KB
4 KB 26ms
8ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4959484524710631&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://planetesciences.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Mar 2024 22:19:30 GMT
etag: 5035419970550746386
expires: Sat, 23 Mar 2024 22:19:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK cool.gif
theme.webme.com/smiles/ 172 B
584 B 370ms
88ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/smiles/cool.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 66c91e62b8d3a3403c0fe5a2c627a95859dcd58582aa20282a8e820db279d32e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 22:10:53 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:43 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 40734
Content-Type: image/gif
X-Varnish: 630156976, 85854862 59636634
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 172
Expires: Sun, 21 Apr 2024 10:51:59 GMT

GET
H/1.1 200
OK shocked.gif
theme.webme.com/smiles/ 170 B
582 B 455ms
98ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/smiles/shocked.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 98434fcf5c538c6fc971b450bf22b362709e1ec4c8c873ed7bfd28d1f656a1d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 22:10:53 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:43 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 39789
Content-Type: image/gif
X-Varnish: 647413583, 83579959 60342026
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170
Expires: Sun, 21 Apr 2024 11:07:43 GMT

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame 44DB 1 KB
1 KB 156ms
113ms Document
text/html 2606:4700:3037::ac43:cc74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cc74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0cab1c94f309c1ae637f63d8d5f345b436f3f917e79eab83c56882929e22881

Request headers

Referer: https://planetesciences.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8626a32ced18424b-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 22:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rm3U6HKi7Z67wxcH%2FFqGFrwvNk22W%2F%2BsFXf2xuRMVf8Zwh%2BaCnzuFul%2BzFVj5Eiu2jNsNjiYPoY0Fiww6o3zzza5tQ%2By%2FCABhFQePb70Z5ZMV24fl41ZlfTTgoInLhpo641jI7TQs%2BpHUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET branding.css
www.google.com/cse/api/ 0
0

GET
H2 200 poweredby_000000.gif
www.google.com/images/poweredby_transparent/ 488 B
930 B 147ms
21ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/poweredby_transparent/poweredby_000000.gif

Requested by

Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Mar 2024 22:10:53 GMT

GET show_afs_search.js
www.google.com/afsonline/ 0
0

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET 102044437m_hover.png
uplofile.free.fr/rep2/ 0
0

GET
H/1.1 404
Not Found URL
planetesciences.fr.gd/ 201 B
201 B 110ms
109ms Image
text/html 193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planetesciences.fr.gd/URL
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: cf9b4cbef32830e6156e31df2a32d2e709ca66c44d254f9bb10171077b28883f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/pharmacologie.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

X-wm-req.restarts: 0
Date: Sun, 10 Mar 2024 22:10:53 GMT
Via: 1.1 varnish-v4
Server: nginx
X-wm-VIP: 193.238.27.28
Age: 0
X-wm-req.backend.healthy: true
X-Varnish: 726154713
Content-Type: text/html; charset=iso-8859-1
X-wm-req.backend: SitesGET
Connection: keep-alive
Content-Length: 201

GET
H/1.1 404
Not Found navfire.gif
img.webme.com/pic/s/success4you/ 0
0 272ms
94ms Image
text/html 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/s/success4you/navfire.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H/1.1 404
Not Found page-header.jpg
www.oswd.org/files/designs/3365/three_quarters/ 0
0 40ms
18ms Image
text/html 54.157.58.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oswd.org/files/designs/3365/three_quarters/page-header.jpg
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.58.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-58-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H/1.1 200
OK s_bg.gif
theme.webme.com/designs/iceblue/images/ 6 KB
7 KB 110ms
110ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/iceblue/images/s_bg.gif
Requested by: Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 4f5460dfd092fd9590362384eb00333f8b88fa1489703e21fb14271387baf063

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 22:10:53 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 24593
Content-Type: image/gif
X-Varnish: 669959994, 85694229 65026419
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6503
Expires: Sun, 21 Apr 2024 15:21:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C907 15 KB
6 KB 578ms
577ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4959484524710631&output=html&adk=1812271804&adf=3025194257&lmt=1710108653&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fplanetesciences.fr.gd%2Fpharmacologie.htm&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710108653212&bpp=6&bdt=166&idt=540&shv=r20240306&mjsv=m202403070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8318141350316&frm=20&pv=2&ga_vid=1936050409.1710108654&ga_sid=1710108654&ga_hid=1657271252&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081613%2C31081645%2C95326316%2C31081690%2C95321963%2C95324160%2C95325784%2C95326935&oid=2&pvsid=1084853157392717&tmod=1792129966&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=690

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js?bust=31081690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

802c7738fd3ad1cbb160229f2ac42878174f097b9a8c7a6085f358f0c57df909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://planetesciences.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5472
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 22:10:54 GMT
expires: Sun, 10 Mar 2024 22:10:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
63ms Image
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html
track.webgains.com/ Frame 44DB 76 KB
77 KB 378ms
189ms Image
image/gif 18.135.30.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wglinkid=4776778&wgcampaignid=1700378
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.30.211 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-30-211.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 78ec9a68ab9955a9ace5bff082c6a5547664a363ee28ffe9bd0f63aec861ff09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:54 GMT
last-modified: Sun, 10 Mar 2024 22:10:54 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 10 Mar 2024 22:11:54 GMT

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MTUsImNyZWF0aXZlX2lkIjoyNCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame 5291 1 KB
2 KB 316ms
93ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTUsImNyZWF0aXZlX2lkIjoyNCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcxMDEwODY1M30%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 22:10:54 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 track Show response
fwd.fwdtrk.com/ Frame 5291 189 KB
76 KB 575ms
398ms Script
application/javascript 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fwd.fwdtrk.com/track?id=

Requested by

Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTUsImNyZWF0aXZlX2lkIjoyNCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcxMDEwODY1M30%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

Google Tag Manager /

Resource Hash

4c6e4e32959e2c79aaeb0a0302b07ae772251797aef99e32d8ac9e950223f2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fwdtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Sun, 10 Mar 2024 21:00:00 GMT
server: Google Tag Manager
via: 1.1 google
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
x-xss-protection: 0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame C4B7 403 B
735 B 320ms
103ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTUsImNyZWF0aXZlX2lkIjoyNCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcxMDEwODY1M30%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 2a72846ae226aa05ad0ea67ac4cc5897b4f997d72b22342cdc6ee48f435f695b

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 22:10:54 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 65ms
65ms Image
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31081613%2C31081645%2C95326316%2C31081690%2C95321963%2C95324160%2C95325784%2C95326935&hl=fr&pvc=1084853157392717

Requested by

Host: planetesciences.fr.gd
URL: https://planetesciences.fr.gd/pharmacologie.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 22:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame C4B7 408 B
735 B 97ms
96ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb081&ci=yCZv3Mx%3C&its=9F%5Bt%2ALr5d4bB%7EQD%3BvfPWbW%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 9dcc737b8a05bf92f291c820d4181ad78bbfd817f5da398444c9c44300b0893a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 22:10:54 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 10C5 342 B
667 B 103ms
103ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&ci=yCZv3Mx%3C&its=9F%5Bt%2ALr5d4bB%7EQD%3BvfPWbW%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb081&ci=yCZv3Mx%3C&its=9F%5Bt%2ALr5d4bB%7EQD%3BvfPWbW%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: b799f101310e1a853cce69902be3e6b03121697d965f6f3ba7202e0b016827a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 22:10:54 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK redirect Show response
redokan.com/ Frame 10C5 2 KB
1 KB 311ms
117ms Document
text/html 18.193.148.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&ci=yCZv3Mx%3C&its=9F%5Bt%2ALr5d4bB%7EQD%3BvfPWbW%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.148.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-148-116.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/8.2.16
Resource Hash: 0742448e08b2f89792322f2bc36b19462c0c06b680c5d89ea9215be3dff40371

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 22:10:55 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/8.2.16

GET
H2 200 js Show response
fwd.fwdtrk.com/gtag/ Frame 5291 268 KB
104 KB 395ms
395ms Script
application/javascript 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fwd.fwdtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Requested by: Host: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2015.1e100.net
Software: /
Resource Hash: 85d243c4d8bde45623f35fe6a411fd9e1117bebe6b59c2c13b229b4130b4dd94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fwdtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
date: Sun, 10 Mar 2024 22:10:55 GMT
cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
expires: Sun, 10 Mar 2024 22:24:56 GMT

GET
H/1.1 200
OK fp.min.js Show response
redokan.com/js/ Frame 10C5 34 KB
34 KB 198ms
197ms Script
application/javascript 18.193.148.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://redokan.com/js/fp.min.js
Requested by: Host: redokan.com
URL: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.148.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-148-116.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 22:10:55 GMT
Last-Modified: Tue, 27 Feb 2024 11:09:21 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Etag: W/"65ddc2e1-864c"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2

200

bessergesund.de Show response
yazary.com/de/search/ Frame 10C5
Redirect Chain

https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp...
https://yazary.com/de/y?t=bessergesund.de&cid=b745c33e9409aa84bf0a7838cd88a0fb4a31f736ab53d8ed30df13f07060647f&identifier=1f18cd2bad3ceea4
https://yazary.com/de/search/bessergesund.de

534 B
1 KB

103ms
103ms

Document
text/html

3.127.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yazary.com/de/search/bessergesund.de
Requested by: Host: redokan.com
URL: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.102.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-102-51.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: a53d48b44b31c2b196d9db0b8383656d356baf898fb859a87d0c4c48c2a5668a

Request headers

Referer: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=1b4aa709fd2b8b60f9f0d778ad3e2d507009b0c1feb70a6438aa7293db9bb000&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 22:10:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 22:10:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://yazary.com/de/search/bessergesund.de
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

GET
H2

200

go Show response
r.secprf2.com/v2/ Frame 10C5
Redirect Chain

https://r.secprf2.com/v1/redirect?url=https://bessergesund.de&api_key=4c73510dbf6df5d9f09c2cf78850dc02&site_id=7d358a6a5c5c44b4abe17fe1a9420357&type=url&source=https://yazary.com/de/search/besserge...
https://r.secprf2.com/v2/go?t=atep1%3A9%2F8.edbe2l4c8m7p7c1i0kbpeo5o1d1303473%26vldtbds4e3.2npsrgme%3Dstbp2%25FA%2523%25sFtehs0raeau%26d2d7%26%3DuIIo%3Ds0809050%3D4I8m7re%3Fdcelf%2Fd%2F4o3.8l3caact...

1 KB
849 B

75ms
75ms

Document
text/html

2606:4700:20::681a:9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.secprf2.com/v2/go?t=atep1%3A9%2F8.edbe2l4c8m7p7c1i0kbpeo5o1d1303473%26vldtbds4e3.2npsrgme%3Dstbp2%25FA%2523%25sFtehs0raeau%26d2d7%26%3DuIIo%3Ds0809050%3D4I8m7re%3Fdcelf%2Fd%2F4o3.8l3caact9%2F1s7tbh&e=1&ai=920ff1077e894eeab2529e4ce6cf92c2&sct=0&ct=1710108656270&cu=7eebd0e1f7d74834823baec899117eba&cs=8ae5f437379dbe1ef2a0a418946e032c
Requested by: Host: yazary.com
URL: https://yazary.com/de/search/bessergesund.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f78c2142a37e17bf781701893f8d177bc27a539df4d6a2c238958df0711bbc

Request headers

Referer: https://yazary.com/de/search/bessergesund.de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8626a33dea447cab-EWR
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 10 Mar 2024 22:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UueRnlBYExdH%2B97BuYJ3MI99T19Yk73vNG%2FtI35bpgN7%2BJ8dS4FHkXQ6yJNmbjKYVxDrqB0tO%2BM9R7OYYZjNEtMTnP%2FyWxtZtutGyRisi5d1IpRmrB0aaJIN8sc2ucpDu4pBpKKJINC01e0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8626a33c2fb27cab-EWR
content-length: 0
date: Sun, 10 Mar 2024 22:10:56 GMT
location: /v2/go?t=atep1%3A9%2F8.edbe2l4c8m7p7c1i0kbpeo5o1d1303473%26vldtbds4e3.2npsrgme%3Dstbp2%25FA%2523%25sFtehs0raeau%26d2d7%26%3DuIIo%3Ds0809050%3D4I8m7re%3Fdcelf%2Fd%2F4o3.8l3caact9%2F1s7tbh&e=1&ai=920ff1077e894eeab2529e4ce6cf92c2&sct=0&ct=1710108656270&cu=7eebd0e1f7d74834823baec899117eba&cs=8ae5f437379dbe1ef2a0a418946e032c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mi5Aj%2FAiruiqc9R4UXrlzbi2r951tVnH47mkkvvPdTSBDZmHH8zXxM%2F4AT6cxrh51NakjESbS7BESQu4Q9DUZkn2Rmt9zexAi8zK1AQ%2BomCIueSR6DTJyZ1US49jbHX7OHklKORJ%2B9D4GRw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
92ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js?bust=31081690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11ed743cd7261f223ff9f0d8294084c2dcfe4942ba9059e58440b598eaa56df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12363
x-xss-protection: 0

GET
H2

200

forward Show response
t.adcell.com/ Frame 10C5
Redirect Chain

https://t.adcell.com/p/click?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba
https://t.adcell.com/forward?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba&referer=https%3A%2F%2Fr.secprf2.com%2F

12 KB
4 KB

175ms
174ms

Document
text/html

2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/forward?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba&referer=https%3A%2F%2Fr.secprf2.com%2F

Requested by

Host: r.secprf2.com
URL: https://r.secprf2.com/v2/go?t=atep1%3A9%2F8.edbe2l4c8m7p7c1i0kbpeo5o1d1303473%26vldtbds4e3.2npsrgme%3Dstbp2%25FA%2523%25sFtehs0raeau%26d2d7%26%3DuIIo%3Ds0809050%3D4I8m7re%3Fdcelf%2Fd%2F4o3.8l3caact9%2F1s7tbh&e=1&ai=920ff1077e894eeab2529e4ce6cf92c2&sct=0&ct=1710108656270&cu=7eebd0e1f7d74834823baec899117eba&cs=8ae5f437379dbe1ef2a0a418946e032c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

22a9bbc08630d27c4d142eac8321ca5f87b88e02c9fe0c82b9c60d85a6252d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://r.secprf2.com/v2/go?t=atep1%3A9%2F8.edbe2l4c8m7p7c1i0kbpeo5o1d1303473%26vldtbds4e3.2npsrgme%3Dstbp2%25FA%2523%25sFtehs0raeau%26d2d7%26%3DuIIo%3Ds0809050%3D4I8m7re%3Fdcelf%2Fd%2F4o3.8l3caact9%2F1s7tbh&e=1&ai=920ff1077e894eeab2529e4ce6cf92c2&sct=0&ct=1710108656270&cu=7eebd0e1f7d74834823baec899117eba&cs=8ae5f437379dbe1ef2a0a418946e032c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 3823
content-type: text/html; charset=utf-8
date: Sun, 10 Mar 2024 22:10:56 GMT
etag: "myra-434f1c7c"
expires: Sun, 10 Mar 2024 22:10:56 GMT
server: myracloud
strict-transport-security: max-age=15768000
vary: accept-encoding

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html
date: Sun, 10 Mar 2024 22:10:56 GMT
expires: Sun, 10 Mar 2024 22:10:56 GMT
location: https://t.adcell.com/forward?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba&referer=https%3A%2F%2Fr.secprf2.com%2F
server: myracloud
strict-transport-security: max-age=15768000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 32ms
18ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js?bust=31081690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 22:10:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 573E 13 KB
5 KB 4ms
3ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://planetesciences.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 172589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 22:14:27 GMT
expires: Sat, 08 Mar 2025 22:14:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A8D4 829 B
987 B 25ms
24ms Document
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

122c1779eb5ff7dfd6920a9cd2690319324a1181fd659b27aa9ca12180618bc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cjisvm2oZ_ieQuiWsvjeZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://planetesciences.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cjisvm2oZ_ieQuiWsvjeZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 22:10:56 GMT
expires: Sun, 10 Mar 2024 22:10:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 573E 39 KB
15 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 22:15:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A8D4 0
0 64ms
63ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=1084853157392717&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 573E 0
10 B 3ms
3ms Image
text/plain 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0fL9RA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 22:10:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

/
www.bessergesund.de/ Frame 10C5
Redirect Chain

https://t.adcell.com/p/click?promoId=353978&slotId=47322&param0=https%3A%2F%2Fbessergesund.de&subId=v0304000141857eebd0e1f7d74834823baec899117eba&referer=https%3A%2F%2Fr.secprf2.com%2F&fp=ae5590449...
https://bessergesund.de/?bid=353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba&adcref=r.secprf2.com%2F
https://www.bessergesund.de/?bid=353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba&adcref=r.secprf2.com%2F

0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
67ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=1084853157392717&bg=!kZKlkt3NAAZsmiNCTJo7ADQBe5WfOKMldnY8JG0Ju2dBTfQeAJJf7vVe3MbxyNPNFx6625tMPdq231vyyUMoqTX5bUJSAgAAAElSAAAAA2gBBwoAOfDS6HJGlEtcutr7eX7iJ2YCsOfJRoKnYxaKpgcGWNHbH5g7EC44vDJT6CcMg-l-GuL13WUoCQfDyJkC2N97ddcKQqEjumCOpJu_uLLOkVfkzBRypJSsAXLMqv_BYJEYqtkfJRzWWDN0KZHTqChNJb0m91MG6bZw0oO2_JY88aa4H_ut5AyURnMiLSi27rhIl8zF4GnvRowUf8-zYxpteViQs2fb-s7uFRxh0c9C9CWx3dIUDKemxnoWk_d399ei2IVrs4LDImJzUDTVUQRx9o-j6hFMX1ZDZezjblQZ3Oib_T5Var3RjfwesOvAXskTMCzgJhdMMO3h0ApJVd-WYFrcyFph3ORj75w1k7NCb6Jm1XWmsMAsLr0gE7rWZL-8nGgkOibZYxcxbj8Y5RUxTuaFArw-NQqIm8lTiEXZ8xSZyu76bo316RKDiuQ6Gq9UkAS0n5e8vnPtL7OPtSa-GpaageQBLNMUoZeevZaK513ypvh1ckBB8GgQGcA_htxRCX_lIo-LSMNspJ5OkSUTE4Y6oe1lKVdYcyHifNfXrBgkqHqdxhXSgQ_KxrI9BtFJq8QUncSuIlcIWIrskaD66HsOO38piSziQVOuK6d59CXEnNnc0GO68s8sfhQG1L1rbLgmRxaTBdQ-IEhC1Bhtj5MJfOnBeWVBuLuTda4bdBu-zA6DgpIYzZYVSedklkbxGND6Y5_s8mGSzGrCJ_NIdb15VYcuTk6nbUHL185XG5p9-vUlqx1e7ywokoZFkBtKfxihN0fDhtbz9EqPxXOvrM6uGLY58nnIBtnryI88ECX6UnFDIPiOr4CvjLUXDDL4a82Rr5MTgiPfEI0dcfQUWP1I32TwN8GVWqDvhH1SsytHsgbBCl_QUlRAAFbVUMblFAmatWl2AKKbk76IA55BzA_fjH11oL36a7jniVPbr_1rYolVHhfcMAcmeD49M5Nyz3EqW1o970vcFwbwUNO8DMBtiXOt5BYEAwUfSH2tBw3V5GIRXxnMxNadb6W9YDLtqZsw6zDXpcItY-ZzXsXYCGz1SuxT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://planetesciences.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.google.com
URL: http://www.google.com/cse/api/branding.css

Domain: www.google.com
URL: http://www.google.com/afsonline/show_afs_search.js

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: uplofile.free.fr
URL: https://uplofile.free.fr/rep2/102044437m_hover.png

Domain: www.bessergesund.de
URL: https://www.bessergesund.de/?bid=353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba&adcref=r.secprf2.com%2F

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.planetesciences.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: ab209feca69ec90afe73c7a5b54c15ca
.doubleclick.net/	1970-01-20 19:01:49	Name: test_cookie Value: CheckForPermission
yazary.com/	1970-01-20 19:11:53	Name: AWSALBCORS Value: Jfp8mXS70qmx3FfqkrCSFtIGUbZbkUJ8xOtI617vJcBa2yzSP2GOCbXNR6wSC4ii2bBrczDGu73Jhm8gUTqClqLCi//807giPERaNfTUdvvkQ7fp5K86P2WO4PEw
.secprf2.com/	1970-01-21 03:47:24	Name: ykuid Value: 2a30bb0028bd4c13854cd9b153ab640b
t.adcell.com/	1970-01-20 19:45:00	Name: ADCELLpid12012 Value: 353978-47322-v0304000141857eebd0e1f7d74834823baec899117eba%23%23%23%23https%3A%2F%2Fr.secprf2.com%2F%40%40%40%401710108656

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm(Line 976) Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure element 'http://www.oswd.org/files/designs/3365/three_quarters/page-header.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.oswd.org/files/designs/3365/three_quarters/page-header.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://img.webme.com/pic/s/success4you/blackwhite.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://img.webme.com/pic/s/success4you/navfire.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://planetesciences.fr.gd/pharmacologie.htm(Line 8669) Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.google.com/cse/api/branding.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm(Line 8672) Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://planetesciences.fr.gd/'. This endpoint should be made available over a secure connection.
security	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm(Line 8696) Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure element 'http://www.google.com/images/poweredby_transparent/poweredby_000000.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/afsonline/show_afs_search.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js?bust=31081690(Line 128) Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure element 'http://uplofile.free.fr/rep2/102044437m_hover.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403070101/show_ads_impl_fy2021.js?bust=31081690(Line 128) Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure element 'http://www.oswd.org/files/designs/3365/three_quarters/page-header.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.oswd.org/files/designs/3365/three_quarters/page-header.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://planetesciences.fr.gd/URL Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Mixed Content: The page at 'https://planetesciences.fr.gd/pharmacologie.htm' was loaded over HTTPS, but requested an insecure plugin resource 'http://s11.histats.com/205.swf'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://img.webme.com/pic/s/success4you/navfire.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uplofile.free.fr/rep2/102044437m_hover.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://planetesciences.fr.gd/pharmacologie.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asrv205.com
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
img.webme.com
pagead2.googlesyndication.com
planetesciences.fr.gd
r.secprf2.com
redokan.com
t.adcell.com
theme.webme.com
tpc.googlesyndication.com
track.webgains.com
uplofile.free.fr
visifeed.org
www.bessergesund.de
www.google.com
www.oswd.org
yazary.com
pagead2.googlesyndication.com
uplofile.free.fr
www.bessergesund.de
www.google.com
176.9.183.55
178.162.223.113
178.162.223.114
18.135.30.211
18.193.148.116
193.238.27.28
216.239.32.21
2606:4700:20::681a:9
2606:4700:3037::ac43:cc74
2607:f8b0:4006:817::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2004
2a02:cb40:200::242
3.127.102.51
3.75.56.58
54.157.58.70
0742448e08b2f89792322f2bc36b19462c0c06b680c5d89ea9215be3dff40371
11ed743cd7261f223ff9f0d8294084c2dcfe4942ba9059e58440b598eaa56df8
122c1779eb5ff7dfd6920a9cd2690319324a1181fd659b27aa9ca12180618bc0
22a9bbc08630d27c4d142eac8321ca5f87b88e02c9fe0c82b9c60d85a6252d01
2a72846ae226aa05ad0ea67ac4cc5897b4f997d72b22342cdc6ee48f435f695b
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
4c6e4e32959e2c79aaeb0a0302b07ae772251797aef99e32d8ac9e950223f2e8
4f5460dfd092fd9590362384eb00333f8b88fa1489703e21fb14271387baf063
52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66c91e62b8d3a3403c0fe5a2c627a95859dcd58582aa20282a8e820db279d32e
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
78ec9a68ab9955a9ace5bff082c6a5547664a363ee28ffe9bd0f63aec861ff09
7a6268e23b2805ab4f1949b732a1326d2cb8b0246f6292b743472f2e7306a8e1
802c7738fd3ad1cbb160229f2ac42878174f097b9a8c7a6085f358f0c57df909
85d243c4d8bde45623f35fe6a411fd9e1117bebe6b59c2c13b229b4130b4dd94
98434fcf5c538c6fc971b450bf22b362709e1ec4c8c873ed7bfd28d1f656a1d8
9b6480a4e3f8cf2f69f7894831c1a77cd66f7026b0584b20addd349d9fb11223
9c4bd57322caa2a6d94ec1b7d1b94845ea8363c83752512f5a8bd17ca134e462
9dcc737b8a05bf92f291c820d4181ad78bbfd817f5da398444c9c44300b0893a
a53d48b44b31c2b196d9db0b8383656d356baf898fb859a87d0c4c48c2a5668a
b799f101310e1a853cce69902be3e6b03121697d965f6f3ba7202e0b016827a8
c1f78c2142a37e17bf781701893f8d177bc27a539df4d6a2c238958df0711bbc
cf9b4cbef32830e6156e31df2a32d2e709ca66c44d254f9bb10171077b28883f
d0cab1c94f309c1ae637f63d8d5f345b436f3f917e79eab83c56882929e22881
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

planetesciences.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

85 %HTTPS

41 %IPv6

16 Domains

19 Subdomains

18 IPs

4 Countries

913 kBTransfer

2478 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

planetesciences.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

85 %
HTTPS

41 %
IPv6

16
Domains

19
Subdomains

18
IPs

4
Countries

913 kB
Transfer

2478 kB
Size

5
Cookies

46 HTTP transactions
0 data transactions