imgbb.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ns1.ibb.co/
Effective URL:
https://imgbb.com/
Submission: On December 20 via api (December 20th 2023, 10:25:52 am UTC) from LU — Scanned from FR

Summary HTTP 125 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 17 domains to perform 125 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgbb.com. The Cisco Umbrella rank of the primary domain is 294229.
TLS certificate: Issued by GTS CA 1P5 on October 31st 2023. Valid for: 3 months.

This is the only time imgbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.19.58.156 162.19.58.156	16276 (OVH) (OVH)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3037::6815:468	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 36	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::62 2620:1ec:46::62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
22	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
17	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.39.142.185 13.39.142.185	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 10	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
125	24

1 162.19.58.156 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu

ns1.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

imgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::6815:468 (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.39.142.185 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-39-142-185.eu-west-3.compute.amazonaws.com

tk.illicado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:1b::1724:a39e (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	472 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 csm.eu.criteo.net — Cisco Umbrella Rank: 9625 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143	283 KB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	171 KB
10	bing.com 4 redirects www.bing.com — Cisco Umbrella Rank: 60	15 KB
10	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1605 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	60 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218	62 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	113 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	322 KB
5	simgbb.com simgbb.com — Cisco Umbrella Rank: 207329	139 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
3	google.com 1 redirects mts0.google.com — Cisco Umbrella Rank: 4606 www.google.com — Cisco Umbrella Rank: 2	24 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	75 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	illicado.com tk.illicado.com	368 B
1	imgbb.com imgbb.com — Cisco Umbrella Rank: 294229	9 KB
1	ibb.co 1 redirects ns1.ibb.co — Cisco Umbrella Rank: 343955	74 B
125	17

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
16	pagead2.googlesyndication.com	imgbb.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.bing.com	4 redirects googleads.g.doubleclick.net
8	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	simgbb.com	imgbb.com simgbb.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	imgbb.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googleadservices.com	googleads.g.doubleclick.net
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	cdn.adnxs.com	googleads.g.doubleclick.net
2	adsdk.microsoft.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	tk.illicado.com	ads.eu.criteo.com
1	imgbb.com
1	ns1.ibb.co	1 redirects
125	26

This site contains links to these domains. Also see Links.

Domain
api.imgbb.com
ar.imgbb.com
bg-bg.imgbb.com
cs.imgbb.com
da.imgbb.com
de.imgbb.com
el.imgbb.com
es.imgbb.com
et-ee.imgbb.com
fa.imgbb.com
fi.imgbb.com
fr.imgbb.com
he.imgbb.com
hr.imgbb.com
hu.imgbb.com
id.imgbb.com
it.imgbb.com
ja.imgbb.com
ko.imgbb.com
lt-lt.imgbb.com
nb.imgbb.com
nl.imgbb.com
pl.imgbb.com
pt.imgbb.com
pt-br.imgbb.com
ru.imgbb.com
sk.imgbb.com
sr-rs.imgbb.com
sv.imgbb.com
th.imgbb.com
tr.imgbb.com
uk.imgbb.com
vi.imgbb.com
zh-cn.imgbb.com
zh-tw.imgbb.com

Subject Issuer	Validity	Valid
imgbb.com GTS CA 1P5	`2023-10-31` - `2024-01-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
tk.illicado.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://imgbb.com/
Frame ID: BFF3680A8E1A52293E75B4DE2DBAD2FE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 9E70D0788583DF09E46253B0D3EB341E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&adk=3895348141&adf=3876334049&lmt=1703067948&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_l%7C128x540_r&format=0x0&url=https%3A%2F%2Fimgbb.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948351&bpp=2&bdt=258&idt=237&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2615147498797&frm=20&pv=2&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: D833E95DE0371B48C5AF132E107384EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Frame ID: B44868E6C62D18B19752525A342327B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=6996232155&adk=2999726218&adf=369238792&pi=t.ma~as.6996232155&w=300&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=254
Frame ID: FB15C64355B850C4FB692D3FA21CA36F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Frame ID: C40C1A31CB4A1C3F85F5B299224EE3EB
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=2730873455&adk=1733273038&adf=3448852475&pi=t.ma~as.2730873455&w=250&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=259&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250%2C336x280&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1013&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=260
Frame ID: B7039F5D75613C793AD82933974A42B3
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYLBLAAKC_8I9kZSAA8D-mAccFciEzd3rYFn3Q&u=%7CmwOexDnQp64j%2FvQ5%2BWCpQRaI8p4WtHINAYvewX1zjuo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9ZUJzdDMzw91arTJCFiztuwo4zntpv6uecOE_ZczcbCusXNKLhCqyx9-fVar4fWGybxhm29UtEqsScTFeV3_OI3S9915-xuht7yNYhipT8DtIv_9QaNiMsDswOgbgcU5U9sHdXQuxkyqqGZjW0O6juCEKvgIA6kq1lF24ajeiQqA3vXC2OykxkE9vP0aA7_yu5oa08T9KT64SDzlFAsD1ZxPcvoabhd2uOXkiabHcH6_0f9nQcDb9J2VMeUHuQuScxTQN9CTE6l8OeApwxNzM6siG_1RCesYvmaMNkw94rNjXBIZgbF5mvV6Vz5fSDBCT5yA60x8MrQioXGV0QbPVEPntcXTzBRNg28AZd49hg6g6BQQzkd5qnlRqwTx36GupBc79-mMxE-jP7OZonLzhGGBah2qIdBqL2VNJ88YkMqp-lBUEGMpp_hlpMYuf_55Re3GyoAqDqIfrc8sSkm_MIVs7EkYGyfxP7TP0Tm6P4pcYmuzxMSG_K-oDP8YP20x9QwFNyQLd-iQJirH3qiaviXT6KLW0sTklqMRuaFOZirdfekUuN63JMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClMXpLMGCZf-XKNKM2fcP-oe82A7JntKxXNWdkfdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpAjPfZi_6Z7I-qAMByAMCqgSvAU_QKb1zIrz09ruqP-NarJ8pBRs1y54IjtlZJZDZsCaqByCRUSpAl2C9sSWTu3wOdGUv5Y75EKZdFJRG7CculrXHi6nmLAqb9HZN5rv6iPX1CNEN69rGXTa6LsO2pIROUXzb2SV6IDMtU0m3bCAychkdggka-MnwDs8gR40ZsHi5hqELn-ecjEa7A_tOEmelTRIwRAfd20yfzMNEpexcydqezhfbQ0csL6u87vmG42KABqKnu9rj0Kjv2QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYx6HuwOadgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10lmG2whAgGvoqR9KbmHEWSlvoag%26client%3Dca-pub-6721704972914349%26adurl%3D
Frame ID: 4EAD0A592D31C4A82E7F90EB94D1D90F
Requests: 12 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 5BB0C3EF93A213BF3B50FCD9AC93EB01
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: A3E152206C4097B25E881602B77BA733
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7914BA9D0C57BD729AD677989C61F02F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 73758B707A8BBF9E2D6B4EE8D4303366
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYLBLAAKFQMI9kacAAY-V7Dg6WWeGwt9TYlvkQ&u=%7CmwOexDnQp64Gv2odjHjWv7UvOnm6W2L7hDnbQeRr%2BYE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9ZUJzdDMzw91arTJCFiztu6IyeL1aAJ2gpp8_KlOfeq5Ti-FjfN1tDC882tv6bYxbzhFUE409kMGI1KfkyqA6KoX_LU4gTpV-r_USXtDVzzYouwnRxGVUYJQ6qrRoXLHRfyIhdO13LsfHwDD3sHDUaBBWRXZQ6cCDBV4GqcI36wwY-bvDPwHf1-P-mE0U8IykGWgDgOxo8b9ZEmMLhp8yDqB945iGrkMGvbxjiahRTnzU1P-2WnrQR9bqsOgDE_v4dwCeONIHD4XQGqIKXiJbx5_BGzS90elT7-JZTQEHHKE7kgKfLGmVQZp2HdGSN-qWPIV4VYhlQf5BiDngi7jyVV0FHoAWHAuYOVhkMQykcIUQt9uiL5yeVucDJD8ojDbAUGq8Unak_ECBu1Psyzz4OHghxB7pOCtgyN9PNozRbGzi8vIGZnfvHl1XXWU4HCZ5XRreBvswHRC3T1aaPIbHCOWHjC6313uFTclWvQ-RsRg55g2vckHY5EgiYKAk77j_uPYrAl_wO0-i6jNTKX5Z6zbvg7hzFr216i7CcbTxH4tXqMjFJzXK28zOtMjQVt9e&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8ATWLMGCZYOqKJyN2fcP1_yYoAXJntKxXM3hkvdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpApSh7m2vZrI-qAMByAMCqgSwAU_QDjEE9gh_P0HG--BWtAyhI1ON2iOwpjromNJppFgVWVEbzPNFzGICWsDTdz-B3Qn76uV3mD-CgExaxEYrP36hIB4pmUmbvRdU20vHh95HQCnPmhe-3Yo_ndU4V1GrgyovHdS6iMCKwPadyaao-PQiPIkePO7U5VbLWwmPPjyOW0EBeXk4RFnuhONQc__201vJ1BK3XY9d2cOOHhnkFs25cdmgevBfRRJG6giykRhmgAal5pm70ujht-UBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPis7sDmnYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_XwVNNP7D7U0cjYAbyayGAPhIQw%26client%3Dca-pub-6721704972914349%26adurl%3D
Frame ID: F23E32D521177E7028D5892DF03B0073
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0AB4890185A13F74EE5F260C26D862D8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 21B7D7E8E0A215763D610D47F75C9A4F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: C38D7C6356A040CC11B6DCFB57A11FA2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E0CEAF90464EFF3000B9EBB2DA9DEB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D6205DFF046C0A63F416EA72E543147
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ImgBB — Upload Image — Hébergement d'images gratuit

Page URL History Show full URLs

http://ns1.ibb.co/ HTTP 307
https://ns1.ibb.co/ HTTP 301
https://imgbb.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

26
Subdomains

24
IPs

3
Countries

1753 kB
Transfer

4437 kB
Size

9
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://ar.imgbb.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://bg-bg.imgbb.com/
Title: Български

Search URL Search Domain Scan URL

URL: https://cs.imgbb.com/
Title: Čeština

Search URL Search Domain Scan URL

URL: https://da.imgbb.com/
Title: Dansk

Search URL Search Domain Scan URL

URL: https://de.imgbb.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://el.imgbb.com/
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://es.imgbb.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://et-ee.imgbb.com/
Title: Eesti (Eesti)

Search URL Search Domain Scan URL

URL: https://fa.imgbb.com/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://fi.imgbb.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://fr.imgbb.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://he.imgbb.com/
Title: עברית

Search URL Search Domain Scan URL

URL: https://hr.imgbb.com/
Title: Hrvatski

Search URL Search Domain Scan URL

URL: https://hu.imgbb.com/
Title: Magyar

Search URL Search Domain Scan URL

URL: https://id.imgbb.com/
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://it.imgbb.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ja.imgbb.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko.imgbb.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://lt-lt.imgbb.com/
Title: Lietuvių (Lietuva)

Search URL Search Domain Scan URL

URL: https://nb.imgbb.com/
Title: ‪Norsk Bokmål‬

Search URL Search Domain Scan URL

URL: https://nl.imgbb.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.imgbb.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.imgbb.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://pt-br.imgbb.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://ru.imgbb.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://sk.imgbb.com/
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://sr-rs.imgbb.com/
Title: Српски

Search URL Search Domain Scan URL

URL: https://sv.imgbb.com/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://th.imgbb.com/
Title: ไทย

Search URL Search Domain Scan URL

URL: https://tr.imgbb.com/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://uk.imgbb.com/
Title: Українська

Search URL Search Domain Scan URL

URL: https://vi.imgbb.com/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://zh-cn.imgbb.com/
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://zh-tw.imgbb.com/
Title: 繁體中文

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ns1.ibb.co/ HTTP 307
https://ns1.ibb.co/ HTTP 301
https://imgbb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=35a587fe-11d0-41db-8b48-44321ef1ccb6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=84a78baa-f9f4-4894-829f-49f28a3ab3db&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D31f63e16608c45d8afe53bc50db79d94%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=2959587580991025330 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=31f63e16608c45d8afe53bc50db79d94&SNR=1&GV=2&med=10

Request Chain 57

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4954d7cd-f716-469e-8276-82b927a165c1&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=cc5a5cf4-3510-452b-85f5-e1c5c78893c9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D0a10d94250ce4a6e982da6994262f42e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=5227331998173256228 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0a10d94250ce4a6e982da6994262f42e&SNR=1&GV=2&med=10

Request Chain 61

https://googleads.g.doubleclick.net/pagead/adview?ai=CCxxULMGCZeOnKIWbzQaPnoLwD7aQzch05KS387MSxNv-47QOEAEgjsywkAFg--GFg5wKoAHXl6W0AsgBCakClKHuba9msj6oAwHIA8sEqgS5AU_QTuJnjpCnJ6wpcFjd2AFsZnb9Bj2Vhy3lUg5Gd3IpnDeelx2h_bfM5iRwmWpq2FlMLqYWZiaq8CM7Hdf6A2YjiQh6H6dcCrRagE9CvrUMev97nGPaf41e8FcCUIAEFNn5IDkzlLFmm1RKTre9NC9pjclKqxJzqi_Q9Hw-Rcju_iYv0qZcrpPoEi1jxvYAuTAR6s2tPbczOxoqRy00nuJLkeJR9toNHje_BdDAGNMvpoecXZAtDyGkwATz1_qHrwSIBavJgutJkgUECAQYAZIFBAgFGASgBi6AB_HC9DaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC0pA_SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNet7sDmnYMDmglJaHR0cHM6Ly93d3cua3J5cy5jb20vYXVkaXRpb24vc2VydmljZXMtZXQtZ2FyYW50aWVzL2xlLTEwMC1zYW50ZS1hdWRpdGlvboAKAcgLAZgM_92056AEogwcKhoKGOS0sQLutbECtbixAqy6sQLktLEC7rWxArgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItNjcyMTcwNDk3MjkxNDM0ORgA&sigh=VNQic3Z9jXc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_U2JAVIdRk6cLXoZndP-SMMowcLdyRZCjLf-47XPcUJaz-v-mATu6mVSe8BkkK2_aMwZaU1WfWJx2bfcCTx4Ce-Bwt64CmUzIiL8YAQ&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215383615221347053203%22,%22debug_reporting%22:true,%22destination%22:%22https://krys.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22646532055%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224822124171215036641%22}&andc=true

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=35a587fe-11d0-41db-8b48-44321ef1ccb6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=84a78baa-f9f4-4894-829f-49f28a3ab3db&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D31f63e16608c45d8afe53bc50db79d94%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=2959587580991025330 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=31f63e16608c45d8afe53bc50db79d94&tids=15000&med=10

Request Chain 117

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4954d7cd-f716-469e-8276-82b927a165c1&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=cc5a5cf4-3510-452b-85f5-e1c5c78893c9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D0a10d94250ce4a6e982da6994262f42e%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=5227331998173256228 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0a10d94250ce4a6e982da6994262f42e&tids=15000&med=10

125 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgbb.com/
Redirect Chain

http://ns1.ibb.co/
https://ns1.ibb.co/
https://imgbb.com/

36 KB
9 KB

339ms
286ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0b7fa68b8149ab30ae549daa04a90f360491c04e94daf8265b0625293184fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83872ef1cbcf7848-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 10:25:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plW2KtB92Crzqyujzrd8zkKnEG1p7HKcKmbxebmuXq%2FwwE7IgcMfSVYrw%2B%2Ft%2FAfOKFshhLqKWAJb97ZhEY8uGh%2F9yCtEDvieg1AGKXZPNjPiY8qGnrEj%2FJX8%2BnBOtu%2Fyt72M83In3J4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY

Redirect headers

content-length: 162
content-type: text/html
date: Wed, 20 Dec 2023 10:25:47 GMT
location: https://imgbb.com/
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
2 KB 93ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ec57c1c6101209d29c823c7bbc66e159ed703d25a6e0e844e4d6576714039e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 10:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 10:19:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 10:25:48 GMT

GET
H2 200 ibb.css
simgbb.com/5286/ 115 KB
26 KB 82ms
30ms Stylesheet
text/css 2606:4700:3037::6815:468
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/ibb.css
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a34f1460a98ed2b7fae6e1ab1fb7af96490a0aaa0aca25f9381a5e179e28327

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2247
etag: W/"657c2990-1cc64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6svReleyVi3bKfWWeuA7NfQsvzOyZlzQDqphoWfaJRsSHt3Oq9jC0lDlj1xTanSKwHjz6xxeU8mgcFy%2BzUp81J%2BO8boZ0uVjvdYpPANnixdUxHj3e7xNQvSK5l2OBSyISX1YwJOKxaAO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 83872ef3ffef0475-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 129ms
72ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6721704972914349

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c26a529b435e5f69031bdd0551951af3a0339992e66ab4eae62235bac204503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Origin: https://imgbb.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51331
x-xss-protection: 0
server: cafe
etag: 10851838458194800944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:48 GMT

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 24ms
24ms Image
image/png 2606:4700:3037::6815:468
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1983
etag: "65745f1d-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItRZS0KZqAI7zHT89cm9QOIwlZFGJG9cAz3Obsfc2d4cqNdlZ%2FX3KncFQpi37LSTkc7VQkLWujaU7UtfYQlpBp31BNV6eIB%2BlnYyufT%2B%2BeAAnP0HJwEcVVb%2FAxzHXx9DtuJPVRBczpSi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83872ef438490475-CDG
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 jquery2.js Show response
simgbb.com/5286/ 113 KB
41 KB 29ms
28ms Script
application/javascript 2606:4700:3037::6815:468
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/jquery2.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c855cf592efb8719926ef24f95a225623ceea83bbac08894eb50bae312cf72

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 541
etag: W/"657c299b-1c529"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEhxE9ayx6%2B5lgyxFQJYV%2BE%2FUh0Eu6a6BxNrcP8ZNfuX%2B0vODDh7191mF3drb78YgRcNnFyIo6T7c%2FMPvO5bhb9qNYv1hzI8DJNA98HOrIXrvaiYD1SU8CpFvKM%2BS%2BGzdWaFOGyBzCCD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 83872ef4384f0475-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/5286/ 214 KB
62 KB 35ms
34ms Script
application/javascript 2606:4700:3037::6815:468
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/5286/ibb.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7932b7a63af2f11d40d1d6448260b0fc29bae808b9e4978ed5a326f8cf5ce1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 10:25:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2210
etag: W/"657c2997-3597d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlR4wFqIZnq7rb1rZT2s3LnkhfwOugfA1MR3r3JGPy%2BjpMaobdKa3iezbwdb%2FnWRHtJNxObej8WmYGrDwu8jh9S3FLMCrbAkdaOwG4r2m36Glmhh3oPl2W3U5crYcecnUGwYiRqX2uts"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 83872ef438510475-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 64ms
24ms Font
font/woff2 2606:4700:3037::6815:468
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/5286/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/5286/ibb.css
Origin: https://imgbb.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5796
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
server: cloudflare
etag: "65745f1d-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXstcGiDqDRdW%2Fs7AGXNuK5odP%2BLljcWo9%2FKzq0jW%2BRM6CU7PZLdW2xh15Z7amv6e1nHonNtQghOX7SVz1Eyuo8p9LE1BGRvERJ8porndwHPzz0E5EgoxojXR5KiUZo1E46jGGUQa8Ao"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83872ef478f002d5-CDG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 81ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbb.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:07:43 GMT
x-content-type-options: nosniff
age: 533885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 06:07:43 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 138ms
88ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6721704972914349&plah=imgbb.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6721704972914349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c9cda82aff5bef3223d47c149ac7a2b4562fa01c0634f71e085698dc4c9d193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 7802243952790494820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:48 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 9E70 9 KB
4 KB 80ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6721704972914349

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 40015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D833 245 KB
61 KB 1187ms
1161ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&adk=3895348141&adf=3876334049&lmt=1703067948&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_l%7C128x540_r&format=0x0&url=https%3A%2F%2Fimgbb.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948351&bpp=2&bdt=258&idt=237&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2615147498797&frm=20&pv=2&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6721704972914349&plah=imgbb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bf8837c93d4e4b973ec86cb0840244363d95ebf2a782780d8fc6aa026192d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61960
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:49 GMT
expires: Wed, 20 Dec 2023 10:25:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=top-bar&cls=top-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B448 56 KB
19 KB 503ms
480ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c9948e2a3bf566f0b733f6e61dd3f215609cfb12a3606460b338d4091f737e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:49 GMT
expires: Wed, 20 Dec 2023 10:25:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB15 36 KB
14 KB 447ms
428ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=6996232155&adk=2999726218&adf=369238792&pi=t.ma~as.6996232155&w=300&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=254

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1620adae7eb8d2ac0f400c88d47a1d45d095ea3e224c5e4e15db1d83403fb5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14663
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:49 GMT
expires: Wed, 20 Dec 2023 10:25:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C40C 45 KB
18 KB 407ms
390ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f490af1be5aa21a3200bee659a8406e9e9b0acfc6f24ef255861660c98d5760a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:49 GMT
expires: Wed, 20 Dec 2023 10:25:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B703 154 KB
46 KB 528ms
515ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=2730873455&adk=1733273038&adf=3448852475&pi=t.ma~as.2730873455&w=250&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=259&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250%2C336x280&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1013&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=260

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1558e8801993356dba3a2b0416db17c0f11dd02b53cc92a2629ab0b62ebd4b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46925
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:49 GMT
expires: Wed, 20 Dec 2023 10:25:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame C40C 94 KB
38 KB 204ms
37ms Script
application/javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: br
last-modified: Tue, 12 Dec 2023 23:02:54 GMT
vary: Accept-Encoding
x-azure-ref: 20231220T102549Z-0w5ayx3b1x3nr18uf4krghm2pw00000000u000000001bzq7
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 20dc8529-901e-0032-63cd-321dab000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame C40C 80 KB
28 KB 70ms
18ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Wed, 20 Dec 2023 10:25:49 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 3010728
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-lcy-eglc8600053-LCY
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1703067949.087475,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 42, 1290477

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C40C 3 KB
1 KB 91ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C40C 20 KB
9 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C40C 203 KB
65 KB 107ms
100ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:49 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4EAD 52 KB
20 KB 78ms
38ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYLBLAAKC_8I9kZSAA8D-mAccFciEzd3rYFn3Q&u=%7CmwOexDnQp64j%2FvQ5%2BWCpQRaI8p4WtHINAYvewX1zjuo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9ZUJzdDMzw91arTJCFiztuwo4zntpv6uecOE_ZczcbCusXNKLhCqyx9-fVar4fWGybxhm29UtEqsScTFeV3_OI3S9915-xuht7yNYhipT8DtIv_9QaNiMsDswOgbgcU5U9sHdXQuxkyqqGZjW0O6juCEKvgIA6kq1lF24ajeiQqA3vXC2OykxkE9vP0aA7_yu5oa08T9KT64SDzlFAsD1ZxPcvoabhd2uOXkiabHcH6_0f9nQcDb9J2VMeUHuQuScxTQN9CTE6l8OeApwxNzM6siG_1RCesYvmaMNkw94rNjXBIZgbF5mvV6Vz5fSDBCT5yA60x8MrQioXGV0QbPVEPntcXTzBRNg28AZd49hg6g6BQQzkd5qnlRqwTx36GupBc79-mMxE-jP7OZonLzhGGBah2qIdBqL2VNJ88YkMqp-lBUEGMpp_hlpMYuf_55Re3GyoAqDqIfrc8sSkm_MIVs7EkYGyfxP7TP0Tm6P4pcYmuzxMSG_K-oDP8YP20x9QwFNyQLd-iQJirH3qiaviXT6KLW0sTklqMRuaFOZirdfekUuN63JMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClMXpLMGCZf-XKNKM2fcP-oe82A7JntKxXNWdkfdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpAjPfZi_6Z7I-qAMByAMCqgSvAU_QKb1zIrz09ruqP-NarJ8pBRs1y54IjtlZJZDZsCaqByCRUSpAl2C9sSWTu3wOdGUv5Y75EKZdFJRG7CculrXHi6nmLAqb9HZN5rv6iPX1CNEN69rGXTa6LsO2pIROUXzb2SV6IDMtU0m3bCAychkdggka-MnwDs8gR40ZsHi5hqELn-ecjEa7A_tOEmelTRIwRAfd20yfzMNEpexcydqezhfbQ0csL6u87vmG42KABqKnu9rj0Kjv2QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYx6HuwOadgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10lmG2whAgGvoqR9KbmHEWSlvoag%26client%3Dca-pub-6721704972914349%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=6996232155&adk=2999726218&adf=369238792&pi=t.ma~as.6996232155&w=300&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

159c0c0e0a365ce59fdae3abe3b22a04be6916d21f2478f0e9bcd98af634529a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mZurLTw9UfPkK5uN1s_Bderdh8VtZAHVhWSJD1GvddWY9XEchstDiFQ0g0mA6Zgd40AHBqOzm8_CRU4fdV1nTbi4H6Pdb3VhPLzjzxaLPwzhVuU8jX7DHu-sytCAxrGDxKHtN3G8jmIrHWIiCdeqgo2sqFS2K-o4F88llImvvc4qsK_ZH-KO1CA-rf9sOI7Py_3GXWOxcsXbp0ZsG9aSwDdVJlpFmcV41q6clISs0NAyalfIi_Fd-lYwXUIwzMHr_DmZ2w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 2988377
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FB15 3 KB
1 KB 52ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FB15 20 KB
8 KB 48ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FB15 202 KB
61 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:31:35 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 5BB0 94 KB
38 KB 106ms
37ms Script
application/javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: br
last-modified: Tue, 12 Dec 2023 23:02:54 GMT
vary: Accept-Encoding
x-azure-ref: 20231220T102549Z-0w5ayx3b1x3nr18uf4krghm2pw00000000u000000001bzq6
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 20dc8529-901e-0032-63cd-321dab000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 5BB0 80 KB
28 KB 18ms
17ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Wed, 20 Dec 2023 10:25:49 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 3010729
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-lcy-eglc8600053-LCY
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1703067949.132966,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 42, 1290478

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5BB0 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5BB0 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BB0 203 KB
64 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:49 GMT

GET
DATA 200
OK truncated
/ Frame FB15 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c01ae5001dc56ac555dc8cce67ffc6ab6f3486e8059b348618862b1277d7376

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame B703 14 KB
1 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=2730873455&adk=1733273038&adf=3448852475&pi=t.ma~as.2730873455&w=250&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=250x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=259&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250%2C336x280&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1013&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 10:01:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 10:25:49 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame B703 225 B
249 B 29ms
29ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:32:33 GMT
x-content-type-options: nosniff
server: cafe
age: 21196
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Thu, 21 Dec 2023 04:32:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B703 2 KB
822 B 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B703 23 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B703 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B703 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B703 203 KB
64 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:49 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame B703 37 KB
16 KB 84ms
27ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4EAD 2 KB
1 KB 79ms
22ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYLBLAAKC_8I9kZSAA8D-mAccFciEzd3rYFn3Q&u=%7CmwOexDnQp64j%2FvQ5%2BWCpQRaI8p4WtHINAYvewX1zjuo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9ZUJzdDMzw91arTJCFiztuwo4zntpv6uecOE_ZczcbCusXNKLhCqyx9-fVar4fWGybxhm29UtEqsScTFeV3_OI3S9915-xuht7yNYhipT8DtIv_9QaNiMsDswOgbgcU5U9sHdXQuxkyqqGZjW0O6juCEKvgIA6kq1lF24ajeiQqA3vXC2OykxkE9vP0aA7_yu5oa08T9KT64SDzlFAsD1ZxPcvoabhd2uOXkiabHcH6_0f9nQcDb9J2VMeUHuQuScxTQN9CTE6l8OeApwxNzM6siG_1RCesYvmaMNkw94rNjXBIZgbF5mvV6Vz5fSDBCT5yA60x8MrQioXGV0QbPVEPntcXTzBRNg28AZd49hg6g6BQQzkd5qnlRqwTx36GupBc79-mMxE-jP7OZonLzhGGBah2qIdBqL2VNJ88YkMqp-lBUEGMpp_hlpMYuf_55Re3GyoAqDqIfrc8sSkm_MIVs7EkYGyfxP7TP0Tm6P4pcYmuzxMSG_K-oDP8YP20x9QwFNyQLd-iQJirH3qiaviXT6KLW0sTklqMRuaFOZirdfekUuN63JMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClMXpLMGCZf-XKNKM2fcP-oe82A7JntKxXNWdkfdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpAjPfZi_6Z7I-qAMByAMCqgSvAU_QKb1zIrz09ruqP-NarJ8pBRs1y54IjtlZJZDZsCaqByCRUSpAl2C9sSWTu3wOdGUv5Y75EKZdFJRG7CculrXHi6nmLAqb9HZN5rv6iPX1CNEN69rGXTa6LsO2pIROUXzb2SV6IDMtU0m3bCAychkdggka-MnwDs8gR40ZsHi5hqELn-ecjEa7A_tOEmelTRIwRAfd20yfzMNEpexcydqezhfbQ0csL6u87vmG42KABqKnu9rj0Kjv2QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYx6HuwOadgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10lmG2whAgGvoqR9KbmHEWSlvoag%26client%3Dca-pub-6721704972914349%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 4EAD 2 KB
1 KB 81ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4EAD 308 B
636 B 63ms
21ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4EAD 293 B
622 B 62ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4EAD 43 B
348 B 109ms
22ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yNKAX1GmkkRO_KppzHfOVp1m3BgwYshjt7uSKtSPU754o7kgUOaU3KtOEAyG3fsPD5wFaHV0kW_PdcioHm9JxzyGqAQtZBAVtdCMkoFv6fxs1166-ipJFuK2PuVG7nP4QDSpBFkoU9edcQEXI6ZQoAkNE3-8h_tnUM2X99KTfGD9eO-M6wERolocuMgdvqZHwrM0WbSl0O_mKTt4R9YOHWZVd6ExYrgqaawFk8k2hMrMYi5RtzMw0ObwHlX0YbmjbnzwrUL7OBe7clb_rskhG17W2t3dGNthZAty7mEQ8XLa95uumPaSmIit2nuvbmwYHpSECRBB2K29_GQ2hnoi95-PW5GuyMRuNC9XLjsoM8EploYc6ohYs03M_PtOyA9i27bE8a090eAHbfLWjeQ4Nx5IK0tVLwNZP8XO8rn2uZhxzQ4dWgwtt_tFWKWNA4jf9hfdwQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2618738
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 view.gif
tk.illicado.com/v/ Frame 4EAD 43 B
368 B 127ms
19ms Image
image/gif 13.39.142.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk.illicado.com/v/view.gif?wiz_aid=A50262&wiz_tid=3&wiz_medium=display&wiz_source=criteo&wiz_campaign=noel2023_acq&gdpr=crto_macro&crto_macro

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.39.142.185 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-39-142-185.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
p3p: CP="NON DSP COR ADM PSA IVA OUR STP NAV"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43

GET
H2 200 48a38111450949629f25638df1681525_image_ad_300x250.png
static.criteo.net/design/dt/24293/5141162/ Frame 4EAD 53 KB
53 KB 84ms
42ms Image
image/png 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/24293/5141162/48a38111450949629f25638df1681525_image_ad_300x250.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a7a0bfbb308b16f6d2807f0f16731ac9b84a3fc7567ad0a4ccbc0bb40e4a081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 27 Nov 2023 10:22:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65646dda-d213"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 53779
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2 200 data=b5OWhip-KAjohUc0cYiMhSA0TVZTpJbWycFoFF4kEHdtgbC4H-aLx3OIciF-7WOQ2STZehAk8h4E04OgdzkFYf-jd06du12eCIk-sic0ENUgRXO99jYj9fQs
mts0.google.com/vt/ Frame B703 22 KB
23 KB 251ms
138ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=b5OWhip-KAjohUc0cYiMhSA0TVZTpJbWycFoFF4kEHdtgbC4H-aLx3OIciF-7WOQ2STZehAk8h4E04OgdzkFYf-jd06du12eCIk-sic0ENUgRXO99jYj9fQs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

238e4f29e4564f801c458e9af757de4149acda06eec61c28b2963beed6ee671c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Wed, 20 Dec 2023 10:25:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22724
x-xss-protection: 0
x-server-version-bin: CggIBBDd2OmrBg==
server: scaffolding on HTTPServer2
etag: 087bc3731992d5a1a
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 20 Dec 2023 11:25:49 GMT

GET
DATA 200
OK truncated
/ Frame B703 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B703 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 all
csm.eu.criteo.net/ Frame 4EAD 0
128 B 62ms
21ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mZurLTw9UfPkK5uN1s_Bderdh8VtZAHVhWSJD1GvddWY9XEchstDiFQ0g0mA6Zgd40AHBqOzm8_CRU4fdV1nTbi4H6Pdb3VhPLzjzxaLPwzhVuU8jX7DHu-sytCAxrGDxKHtN3G8jmIrHWIiCdeqgo2sqFS2K-o4F88llImvvc4qsK_ZH-KO1CA-rf9sOI7Py_3GXWOxcsXbp0ZsG9aSwDdVJlpFmcV41q6clISs0NAyalfIi_Fd-lYwXUIwzMHr_DmZ2w&sds=2&rev=89863&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 10:25:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4EAD 2 KB
1 KB 60ms
60ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4EAD 2 KB
1 KB 59ms
59ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:49 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 5BB0
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=35a587fe-11d0-41db-8b48-44321ef1ccb6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=84a78baa-f9f4-4894...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=31f63e16608c45d8afe53bc50db79d94&SNR=1&GV=2&med=10

0
548 B

79ms
78ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=31f63e16608c45d8afe53bc50db79d94&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E9CAA36C7BA04B3F89CB8DA466D79A34 Ref B: FRA31EDGE0720 Ref C: 2023-12-20T10:25:49Z
x-cdn-traceid: 0.9ea12417.1703067949.1fa8ca5b
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 20 Dec 2023 10:25:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B670115AADB846F490E11FF30809A39E Ref B: FRA31EDGE0117 Ref C: 2023-12-20T10:25:49Z
x-cdn-traceid: 0.9ea12417.1703067949.1fa8c991
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=31f63e16608c45d8afe53bc50db79d94&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 5BB0 4 KB
5 KB 116ms
38ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7353096405856_1L5D5JIYBV3M8AP2B6&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce81e3c18a19e325d95dc41ab1ca315527990343d37767945afe7762356fca30

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ea12417.1703067949.1fa8c98f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4388
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 5BB0 0
532 B 75ms
20ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QLmA-jmAQAAAwDWAAUBCKyCi6wGELLhgvWWp6SJKRgAKjYJ0dRNH_lBmz8RZZVu0iCSmj8ZAAAAoHA98j8hZQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR45PYFgAEBigEDVVNEkgUG8JqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEWh0dHBzOi8vaW1nYmIuY29tgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgD1dbKAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEugG8WIgFAZgFAKAF-dKXq8nDq6MowAUAyQUABQEU8D_SBQkJBQt0AAAA2AUB4AUB8AVF-gUECAAQAJAGAJgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH5PYF0gcNFWMBJgjaBwYBXqQYAOAHAOoHAggA8Ae52wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=e8e741d52ea9f93a5e495eb11edf5860aadd7973&bdref=https%3A%2F%2Fimgbb.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fimgbb.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6721704972914349%26output%3Dhtml%26h%3D90%26slotname%3D2725978955%26adk%3D3324621644%26adf%3D2454439644%26pi%3Dt.ma~as.2725978955%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703067948%26rafmt%3D2%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fimgbb.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D2%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703067948353%26bpp%3D1%26bdt%3D260%26idt%3D250%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2615147498797%26frm%3D20%26pv%3D1%26ga_vid%3D652296501.1703067949%26ga_sid%3D1703067949%26ga_hid%3D844412512%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D100%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44809530%252C95320869%252C95320884%26oid%3D2%26pvsid%3D3173852287920342%26tmod%3D1652431452%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D252,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6721704972914349%26output%3Dhtml%26h%3D90%26slotname%3D2725978955%26adk%3D3324621644%26adf%3D2454439644%26pi%3Dt.ma~as.2725978955%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703067948%26rafmt%3D2%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fimgbb.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D2%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703067948353%26bpp%3D1%26bdt%3D260%26idt%3D250%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2615147498797%26frm%3D20%26pv%3D1%26ga_vid%3D652296501.1703067949%26ga_sid%3D1703067949%26ga_hid%3D844412512%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D100%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44809530%252C95320869%252C95320884%26oid%3D2%26pvsid%3D3173852287920342%26tmod%3D1652431452%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D252&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
an-x-request-uuid: 33fafad5-d33e-4262-a75b-9691c0f21219
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FB15 0
23 B 67ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CakwaLMGCZf-XKNKM2fcP-oe82A7JntKxXNWdkfdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpAjPfZi_6Z7I-qAMByAMCqgSsAU_QKb1zIrz09ruqP-NarJ8pBRs1y54IjtlZJZDZsCaqByCRUSpAl2C9sSWTu3wOdGUv5Y75EKZdFJRG7CculrXHi6nmLAqb9HZN5rv6iPX1CNEN69rGXTa6LsO2pIROUXzb2SV6IDMtU0m3bCAychkdggka-MnwDs8gR40ZsHi5hqELn-eczkSakXvdwloDnTXqyCc0f0K4xnVOi_TefRKjaOVkXWs0t2EozhCABqKnu9rj0Kjv2QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYx6HuwOadgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjcyMTcwNDk3MjkxNDM0ORgA&sigh=BG6V9PwgUOQ&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_JluuBERm9NbWAiBBCFAtdR0zP1cFtYEgdDZW4c6xxw1DQmYUk7znzcJW-iOjyW2okNcURb0c_atgI-BiQ4Sapd7zqocrl-oXZekYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=6996232155&adk=2999726218&adf=369238792&pi=t.ma~as.6996232155&w=300&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=254
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 10:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 10:25:49 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame FB15 0
126 B 56ms
18ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kLGVGdOBMKwC-gGdg2ICAgAAALEnYGc7NnP8ECzBgmUyxugd_y1-dxvqAAASAAAKCkFRVUJEd0VCRHc&wp=ZYLBLAAKC_8I9kZSAA8D-mAccFciEzd3rYFn3Q&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158867
server: Kestrel
content-length: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame C40C
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4954d7cd-f716-469e-8276-82b927a165c1&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=cc5a5cf4-3510-452b...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0a10d94250ce4a6e982da6994262f42e&SNR=1&GV=2&med=10

0
546 B

75ms
75ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0a10d94250ce4a6e982da6994262f42e&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 032489A019084B598D58E9B0299923F7 Ref B: FRA31EDGE0606 Ref C: 2023-12-20T10:25:49Z
x-cdn-traceid: 0.9ea12417.1703067949.1fa8ca6a
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 20 Dec 2023 10:25:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79CBD89FC58C4C8381D075222C1C9BEC Ref B: DUS30EDGE0913 Ref C: 2023-12-20T10:25:49Z
x-cdn-traceid: 0.9ea12417.1703067949.1fa8c992
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0a10d94250ce4a6e982da6994262f42e&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame C40C 8 KB
8 KB 104ms
39ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559547254697_1F570QO1OBZDVSABNL&pid=21.2&c=3&w=336&h=176&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c077e4d5004741c462e7909e6b04e880452eae46f2471acf916d3a480cd906e6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ea12417.1703067949.1fa8c990
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 7767
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame C40C 0
531 B 62ms
20ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QLoA-joAQAAAwDWAAUBCKyCi6wGEKS0mdGb2M3FSBgAKjYJIv8g4UI5pD8RauzmVMu2oz8ZAAAAoHA98j8hag0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44vAFgAEBigEDVVNEkgUG8JqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEWh0dHBzOi8vaW1nYmIuY29tgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgD1dbKAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEugG8WIgFAZgFAKAF_7yfpP7gjMcxwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWHzRf6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=e228545eccb7bd7ec7000fe9f170bf8e4480b1f5&bdref=https%3A%2F%2Fimgbb.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fimgbb.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6721704972914349%26output%3Dhtml%26h%3D280%26slotname%3D7983200130%26adk%3D2361693376%26adf%3D2893959185%26pi%3Dt.ma~as.7983200130%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703067948%26rafmt%3D3%26format%3D336x280%26url%3Dhttps%253A%252F%252Fimgbb.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D1%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703067948354%26bpp%3D1%26bdt%3D260%26idt%3D255%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x90%252C300x250%26nras%3D1%26correlator%3D2615147498797%26frm%3D20%26pv%3D1%26ga_vid%3D652296501.1703067949%26ga_sid%3D1703067949%26ga_hid%3D844412512%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D657%26ady%3D488%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44809530%252C95320869%252C95320884%26oid%3D2%26pvsid%3D3173852287920342%26tmod%3D1652431452%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26dtd%3D257&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
an-x-request-uuid: 4e917e30-f806-47a9-b041-99550dbdda72
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B703 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0e1a73aa367c8faaccb754196a288189a8cfc0deba2139e1ecf3db278acfb25

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B703
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCxxULMGCZeOnKIWbzQaPnoLwD7aQzch05KS387MSxNv-47QOEAEgjsywkAFg--GFg5wKoAHXl6W0AsgBCakClKHuba9msj6oAwHIA8sEqgS5AU_QTuJnjpCnJ6wpcFjd2AFsZnb9Bj2Vhy3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215383615221347053203%22,%22debug_reporting%22:true,%22destination%22:%22https://krys.com%22,%22event_report_window%22:%222...

0
0

112ms
61ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215383615221347053203%22,%22debug_reporting%22:true,%22destination%22:%22https://krys.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22646532055%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224822124171215036641%22}&andc=true

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15383615221347053203","debug_reporting":true,"destination":"https://krys.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["646532055"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"4822124171215036641"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 10:25:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 10:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15383615221347053203","debug_reporting":true,"destination":"https://krys.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["646532055"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"4822124171215036641"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B703 33 KB
33 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:19:37 GMT
x-content-type-options: nosniff
age: 122772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:19:37 GMT

GET
DATA 200
OK truncated
/ Frame 5BB0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98fbe301090bdbd674f1ca1bfbdbd80005c161534e9e5cf4216bc06ab12df545

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5BB0 0
555 B 20ms
20ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCKyCi6wGELLhgvWWp6SJKRgAKjYJ0dRNH_lBmz8RZZVu0iCSmj8ZAAAAoHA98j8hZQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR45PYFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIRaHR0cHM6Ly9pbWdiYi5jb22AAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0nHHd3dy5iaW5nASrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04NGE3OGJhYS1mOWY0LTQ4OTQtODI5Zi00OWYyOGEzYWIzZGImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZwHBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyOTU5NTg3NTgwOTkxMDIBnjAiCTM4MTg0NjcxNCoEIU3wgTo4VTJWaGNtTm9RV1FqTnpNNE1EVXdNamd3TVRrNU1UVWpNak15TlRZd05EVXpNakUzTURFM05BPT3AA9gEyAMA2APV1soB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFVliIBQGYBQCgBfnSl6vJw6ujKMAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFRfoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB-T2BdIHDRVjASYI2gcGAV6wGADgBwDqBwIIAPAHudsCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=39b7c09e98f1322c58a3b103f6cc5a0ed8a217ca&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=6400683621330928639&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
an-x-request-uuid: 0cf6998f-862d-4eac-90f7-52947fb5b0de
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C40C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f32b4cf49f54a1b442776b602573c196bf0f570990a9d22cf325e0b8f86d985

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame C40C 0
555 B 19ms
19ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QKGB-iGAwAAAwDWAAUBCKyCi6wGEKS0mdGb2M3FSBgAKjYJIv8g4UI5pD8RauzmVMu2oz8ZAAAAoHA98j8hag0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44vAFgAEBigEDVVNEkgUG8FWYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEWh0dHBzOi8vaW1nYmIuY29tgAMAiAMBkAMAmAMJoAMBqgOaAwqwAhEn8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2M1YTVjZjQtMzUxMC00NTJiLTg1ZjUtZTFjNWM3ODg5M2M5JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0UwFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTIyNzMzMTk5ODE3MzI1NjIyOCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE0zTmprME5UUXlPVEU1TXpjak1qTXpOVFUyT0RnMU5qRTNNalF5T1E9PcAD2ATIAwDYA9XWygHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_vJ-k_uCMxzHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWHzRf6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0JESkBsQzaBwYIBQmo4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=e51cef2b4d0d4bb5158f7a24c5b92e2012885c7a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=336&bh=176&sid=6400683621330928639&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=336&ph=352&ww=336&wh=280&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
an-x-request-uuid: cde40c33-facd-4852-a9e1-c666b5cfa906
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 121ms
59ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 10:25:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BB0 0
19 B 71ms
70ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEcmuLMGCZe6zKIGy-wbeq6aQDdLg1-Buj6S2k5MKwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmoAwHIAwKqBKsBT9DQ1M0bGYFNvayzW8zEZREYbr1fq56iXpL5A4Yz7ZYc_muvvt8u0NyYKO9CDuHcEwsUvEgrx-2cOAoiVYtqA1UfdE4MJLGFTpVr-flSLDmQo5MS_FnT4bXhe7EN-4w2L1z8DlynxjSuWXI24U_ACejgzpuMnIJ8rzlPAbs1ffTEgu0JO4tI3cX1k-qcTtDp1Veo6T_wb1MyW-fqHpgKQrCU_6pki_wBAfa0gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOym7sDmnYMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY3MjE3MDQ5NzI5MTQzNDkYAA&sigh=1W71jDqPALk&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_vXRTW9leYx9L3PtxUjFDKYXY4MLuS3mQq62CpUuWenchH-3Mwg5EFrkHHpIYMMFCL6K1lFsyhP6XcO5jgmPN9wzhsNO7RQzyZhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=90&slotname=2725978955&adk=3324621644&adf=2454439644&pi=t.ma~as.2725978955&w=1200&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=2&format=1200x90&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948353&bpp=1&bdt=260&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 10:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 5BB0 0
532 B 20ms
20ms Image
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCKyCi6wGELLhgvWWp6SJKRgAKjYJ0dRNH_lBmz8RZZVu0iCSmj8ZAAAAoHA98j8hZQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR45PYFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIRaHR0cHM6Ly9pbWdiYi5jb22AAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0nHHd3dy5iaW5nASrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04NGE3OGJhYS1mOWY0LTQ4OTQtODI5Zi00OWYyOGEzYWIzZGImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZwHBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyOTU5NTg3NTgwOTkxMDIBnjAiCTM4MTg0NjcxNCoEIU3wgTo4VTJWaGNtTm9RV1FqTnpNNE1EVXdNamd3TVRrNU1UVWpNak15TlRZd05EVXpNakUzTURFM05BPT3AA9gEyAMA2APV1soB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFVliIBQGYBQCgBfnSl6vJw6ujKMAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFRfoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB-T2BdIHDRVjASYI2gcGAV6wGADgBwDqBwIIAPAHudsCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=39b7c09e98f1322c58a3b103f6cc5a0ed8a217ca&pp=ZYLBLAAKGe4K3tkBAAmV3mAhrUIwqfb-47GlHA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzMfuLMGCZe6zKIGy-wbeq6aQDdLg1-Buj6S2k5MKwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmoAwHIAwKqBK4BT9DQ1M0bGYFNvayzW8zEZREYbr1fq56iXpL5A4Yz7ZYc_muvvt8u0NyYKO9CDuHcEwsUvEgrx-2cOAoiVYtqA1UfdE4MJLGFTpVr-flSLDmQo5MS_FnT4bXhe7EN-4w2L1z8DlynxjSuWXI24U_ACejgzpuMnIJ8rzlPAbs1ffTEgu0JO8lK_Fc3NxDx2iqdYMnxbYn0TFm2UsnyxzqMGzQof4BIkzyA45sgrUqDgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOym7sDmnYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03Mrvn-EzdHWRRihWp_G--wvyUqw%26client%3Dca-pub-6721704972914349%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
an-x-request-uuid: 49976d6b-7b5d-45b7-8444-23e72639d6c6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame A3E1 50 KB
19 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 08:10:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C40C 0
19 B 70ms
70ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6UJyLMGCZYCiKIqn2fcP6IqG4A_S4Nfgbo-ktpOTCsCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi02NzIxNzA0OTcyOTE0MzQ5yAEJqAMByAMCqgSrAU_QjskU_AoU032yAsOxm5ox3SWj6B8ktP6AVIx5FHeaY0zIWMgxbivbArQYIAcnJWu9pMTDXbW0uzD9TA9uWkZofHrCBK3NiRDRJZK9AHbaS7NtNRegBw7jY9p4GlHkYWRc_aZUYgMJFsOI_3nnvDV1mK7GJ2hDBt83xVN1Nj71-7Gw_j0cuMrRcovak1kFEFm1Zj9QjYfd_vYVQoQJSNaeSn_HX7IdjSfGIYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli8qO7A5p2DA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NzIxNzA0OTcyOTE0MzQ5GAA&sigh=4Aq_NRDcHHw&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_Q99u8U0sugBnSKPmzhzuah77ZrDlLrgnTUdvPe8LlqKmKyGxQYqPLwhbB_PcTlUUJrTxML1YMbwxaVcJDJpyQZX69zYoxRvl2BgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=280&slotname=7983200130&adk=2361693376&adf=2893959185&pi=t.ma~as.7983200130&w=336&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=336x280&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=260&idt=255&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90%2C300x250&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=657&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 10:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame C40C 0
531 B 21ms
20ms Image
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QKGB-iGAwAAAwDWAAUBCKyCi6wGEKS0mdGb2M3FSBgAKjYJIv8g4UI5pD8RauzmVMu2oz8ZAAAAoHA98j8hag0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44vAFgAEBigEDVVNEkgUG8FWYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEWh0dHBzOi8vaW1nYmIuY29tgAMAiAMBkAMAmAMJoAMBqgOaAwqwAhEn8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2M1YTVjZjQtMzUxMC00NTJiLTg1ZjUtZTFjNWM3ODg5M2M5JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0UwFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTIyNzMzMTk5ODE3MzI1NjIyOCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE0zTmprME5UUXlPVEU1TXpjak1qTXpOVFUyT0RnMU5qRTNNalF5T1E9PcAD2ATIAwDYA9XWygHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_vJ-k_uCMxzHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWHzRf6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0JESkBsQzaBwYIBQmo4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=e51cef2b4d0d4bb5158f7a24c5b92e2012885c7a&pp=ZYLBLAAKEQAI9lOKAAGFaDZHY4eybgEZ_xsKlQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrHzGLMGCZYCiKIqn2fcP6IqG4A_S4Nfgbo-ktpOTCsCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi02NzIxNzA0OTcyOTE0MzQ5yAEJqAMByAMCqgSuAU_QjskU_AoU032yAsOxm5ox3SWj6B8ktP6AVIx5FHeaY0zIWMgxbivbArQYIAcnJWu9pMTDXbW0uzD9TA9uWkZofHrCBK3NiRDRJZK9AHbaS7NtNRegBw7jY9p4GlHkYWRc_aZUYgMJFsOI_3nnvDV1mK7GJ2hDBt83xVN1Nj71-7Gw_j1euutDsC8g_s3_ZOwrP7vmiaTXev87Wl2rzo8a9v_tc6rdDMWrtV3VYIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli8qO7A5p2DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34_zZun7xGwt9ahr0R4jYNetghDg%26client%3Dca-pub-6721704972914349%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
an-x-request-uuid: 61bf08be-4c7c-4f24-8d5e-4e49174eca60
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3eae79ab3cc358f922a8c193cc180a7c2e905b916f3bc3c51633feecd4cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56012
x-xss-protection: 0
server: cafe
etag: 14742234669210482118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:49 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 7914 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 5451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 7375 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 5451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 7914 4 KB
671 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 09:05:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 10:25:50 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7914 205 B
519 B 25ms
25ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:46 GMT
x-content-type-options: nosniff
age: 91863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 08:54:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7914 604 B
695 B 26ms
26ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:44:01 GMT
x-content-type-options: nosniff
age: 45709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 21:44:01 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7914 16 KB
7 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7914 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 02:16:55 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F23E 110 KB
41 KB 41ms
40ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYLBLAAKFQMI9kacAAY-V7Dg6WWeGwt9TYlvkQ&u=%7CmwOexDnQp64Gv2odjHjWv7UvOnm6W2L7hDnbQeRr%2BYE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9ZUJzdDMzw91arTJCFiztu6IyeL1aAJ2gpp8_KlOfeq5Ti-FjfN1tDC882tv6bYxbzhFUE409kMGI1KfkyqA6KoX_LU4gTpV-r_USXtDVzzYouwnRxGVUYJQ6qrRoXLHRfyIhdO13LsfHwDD3sHDUaBBWRXZQ6cCDBV4GqcI36wwY-bvDPwHf1-P-mE0U8IykGWgDgOxo8b9ZEmMLhp8yDqB945iGrkMGvbxjiahRTnzU1P-2WnrQR9bqsOgDE_v4dwCeONIHD4XQGqIKXiJbx5_BGzS90elT7-JZTQEHHKE7kgKfLGmVQZp2HdGSN-qWPIV4VYhlQf5BiDngi7jyVV0FHoAWHAuYOVhkMQykcIUQt9uiL5yeVucDJD8ojDbAUGq8Unak_ECBu1Psyzz4OHghxB7pOCtgyN9PNozRbGzi8vIGZnfvHl1XXWU4HCZ5XRreBvswHRC3T1aaPIbHCOWHjC6313uFTclWvQ-RsRg55g2vckHY5EgiYKAk77j_uPYrAl_wO0-i6jNTKX5Z6zbvg7hzFr216i7CcbTxH4tXqMjFJzXK28zOtMjQVt9e&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8ATWLMGCZYOqKJyN2fcP1_yYoAXJntKxXM3hkvdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpApSh7m2vZrI-qAMByAMCqgSwAU_QDjEE9gh_P0HG--BWtAyhI1ON2iOwpjromNJppFgVWVEbzPNFzGICWsDTdz-B3Qn76uV3mD-CgExaxEYrP36hIB4pmUmbvRdU20vHh95HQCnPmhe-3Yo_ndU4V1GrgyovHdS6iMCKwPadyaao-PQiPIkePO7U5VbLWwmPPjyOW0EBeXk4RFnuhONQc__201vJ1BK3XY9d2cOOHhnkFs25cdmgevBfRRJG6giykRhmgAal5pm70ujht-UBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPis7sDmnYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_XwVNNP7D7U0cjYAbyayGAPhIQw%26client%3Dca-pub-6721704972914349%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3b7dec2b010320ee859db921f7c7940789aec436ea00a2b2fc6a28a4856917f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2B1Oazw9UfPkK5uNIq1scIoRehYfWP3NV7jzOLPaYSywqfBn_diPowuvuKk46Swb9GQNJWp3JvfNqm9SlhU5dgm1SJ15zWbiL3esZM8nwB-_wDmi4pO6lkfs4HAr9hUp2n_4mRbLR1mR1GD3VxXpHFQAwJN-Hu45HU9oPgyyVsyqFoOJTaPAgmo5P0sGOxaJK0jJDlBubKDLvF4CZRndxIZp0N9exb-JAe2yLhJ7NEbSeJKTgQURI-QU8rJE9skfzt73Xw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 14225265
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7375 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7375 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7375 203 KB
64 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:50 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F23E 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYLBLAAKFQMI9kacAAY-V7Dg6WWeGwt9TYlvkQ&u=%7CmwOexDnQp64Gv2odjHjWv7UvOnm6W2L7hDnbQeRr%2BYE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9ZUJzdDMzw91arTJCFiztu6IyeL1aAJ2gpp8_KlOfeq5Ti-FjfN1tDC882tv6bYxbzhFUE409kMGI1KfkyqA6KoX_LU4gTpV-r_USXtDVzzYouwnRxGVUYJQ6qrRoXLHRfyIhdO13LsfHwDD3sHDUaBBWRXZQ6cCDBV4GqcI36wwY-bvDPwHf1-P-mE0U8IykGWgDgOxo8b9ZEmMLhp8yDqB945iGrkMGvbxjiahRTnzU1P-2WnrQR9bqsOgDE_v4dwCeONIHD4XQGqIKXiJbx5_BGzS90elT7-JZTQEHHKE7kgKfLGmVQZp2HdGSN-qWPIV4VYhlQf5BiDngi7jyVV0FHoAWHAuYOVhkMQykcIUQt9uiL5yeVucDJD8ojDbAUGq8Unak_ECBu1Psyzz4OHghxB7pOCtgyN9PNozRbGzi8vIGZnfvHl1XXWU4HCZ5XRreBvswHRC3T1aaPIbHCOWHjC6313uFTclWvQ-RsRg55g2vckHY5EgiYKAk77j_uPYrAl_wO0-i6jNTKX5Z6zbvg7hzFr216i7CcbTxH4tXqMjFJzXK28zOtMjQVt9e&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8ATWLMGCZYOqKJyN2fcP1_yYoAXJntKxXM3hkvdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpApSh7m2vZrI-qAMByAMCqgSwAU_QDjEE9gh_P0HG--BWtAyhI1ON2iOwpjromNJppFgVWVEbzPNFzGICWsDTdz-B3Qn76uV3mD-CgExaxEYrP36hIB4pmUmbvRdU20vHh95HQCnPmhe-3Yo_ndU4V1GrgyovHdS6iMCKwPadyaao-PQiPIkePO7U5VbLWwmPPjyOW0EBeXk4RFnuhONQc__201vJ1BK3XY9d2cOOHhnkFs25cdmgevBfRRJG6giykRhmgAal5pm70ujht-UBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPis7sDmnYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2_XwVNNP7D7U0cjYAbyayGAPhIQw%26client%3Dca-pub-6721704972914349%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame F23E 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_fr.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F23E 308 B
636 B 20ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F23E 293 B
621 B 24ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F23E 43 B
347 B 22ms
21ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-GGUn4JYeoK-0PcPMtyxcByX60hJaW_DXvfEl1USIyORmcXsUy-oiUwzxedQflpUraVRtYRJ51uapu_UDjgklLYlMgTJEwqEw_NeAiY0OtJ_a-5dO0NeGN45Jqp6ZG0lPhsJgqBXNtUdVqaQJ2hzrpBFibXmfV6ViYS1eP39Wj3Wbitx2kjHp4lFmwG0O6K5v8mv92-hs7-n_jFNQ8MG1mPoZDOyL9m8-FNSUVT_eFXuFlNNesH3QGdrhU1ObsFdtDdFzv8CWsb9jfogK3qqTkERRxLFsSlUp6q5CRo7WnJEyfd-8eflKsThUT9y5hBKd1IrlDRlXJWQUEOW5v_iVcGHSOZpeQDRyJVmvaHw5h3kFMn729WyPEZH6HF_WTCrpNOjJvHdsTmtp9GVBDQMjhmcwjKVOocb5jJeZRfxPFfCdZSv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1799364
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F23E 12 KB
5 KB 62ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1246125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe4Ga76RyJEsb7KHkoheorxUy1FvmRiu5D1piCZjc0SJCTFz%2BMSMbd3ChDx71ZNms42RxqfATJEsY816OCBEf6u9LePChwsycVwMa%2B8VkIUaLo0NBkdTVIdzSqI%2FY4Tc7rOvrUWbnH3rJ2yRU3LX%2Fb6D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83872f00089a6f7e-CDG
expires: Mon, 09 Dec 2024 10:25:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0AB4 14 KB
1 KB 35ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 09:09:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 10:25:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0AB4 2 KB
822 B 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0AB4 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21B7 143 B
166 B 26ms
26ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0AB4 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0AB4 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AB4 203 KB
64 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:25:50 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 0AB4 37 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
DATA 200
OK truncated
/ Frame 7375 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7f08b59346e82c2c2f7b28ff7fcbeadc54db68626d51e6393ced00d53d100f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F23E 12 KB
6 KB 21ms
21ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F23E 18 KB
18 KB 79ms
39ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=84138&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F84138%2F5172090%2F1b2ac75a0190495f846a1ae0627d113b_fce84a3977c84206b177dcee5f80b220_b7d50e0476f44b5ca2c268116cc3987e_766979c801ea4e3393f80739d8ed6a20_bip-and-go-telepeage.png&v=3&w=394&rid=4&s=p-QFtkPoGPLVqlofkgWY4KOt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

65d16284101cc081dedbed205ba3da5ad2e2df62cad97c6e959e3c10647096bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18501
expires: Thu, 05 Dec 2024 11:17:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F23E 0
127 B 20ms
19ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2B1Oazw9UfPkK5uNIq1scIoRehYfWP3NV7jzOLPaYSywqfBn_diPowuvuKk46Swb9GQNJWp3JvfNqm9SlhU5dgm1SJ15zWbiL3esZM8nwB-_wDmi4pO6lkfs4HAr9hUp2n_4mRbLR1mR1GD3VxXpHFQAwJN-Hu45HU9oPgyyVsyqFoOJTaPAgmo5P0sGOxaJK0jJDlBubKDLvF4CZRndxIZp0N9exb-JAe2yLhJ7NEbSeJKTgQURI-QU8rJE9skfzt73Xw&sds=2&rev=89863&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F23E 2 KB
1 KB 21ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F23E 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 206 2609013f2160417787702be283051a16_adaptive-ads_1280x720.mp4
static.criteo.net/design/dt/84138/5180876/ Frame F23E 181 KB
182 KB 25ms
24ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/84138/5180876/2609013f2160417787702be283051a16_adaptive-ads_1280x720.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

52f21d1db4d3a7dad52b1676c56d488429b5ac26999d914464676bf262d963f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 15 Dec 2023 09:30:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "657c1cd2-2d454"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-185427/185428
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 185428
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

33ms
32ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:50 GMT
expires: Wed, 20 Dec 2023 10:25:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 oswald-400.css
static.criteo.net/design/googlefont/oswald/ Frame F23E 2 KB
800 B 20ms
20ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/oswald/oswald-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f083-639"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 oswald-400-latin.woff2
static.criteo.net/design/googlefont/oswald/ Frame F23E 10 KB
10 KB 62ms
22ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/oswald/oswald-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/oswald/oswald-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f36c7d76fdd5fe543f05e07db9ef6c2f3010bed4ab9960b6af9af269d75ecfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Origin: https://ads.eu.criteo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f083-2670"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:25:50 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB15 42 B
174 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz04HPp6zrdDGZwfRypcl63BnqSNWpCPe1_SVDupvwLEYX1MJ1fCA43RIzCIZEsb4uX0JmoXIEHQ6_1scJ-EyxDn1jfXJvdvyvGYxoF1NrTKGlnfo3&sig=Cg0ArKJSzNW8O_KkQYj1EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2999726218&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703067948608&rpt=552&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7375 0
19 B 69ms
69ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfsZDLMGCZYOqKJyN2fcP1_yYoAXJntKxXM3hkvdwwI23ARABIABg--GFg5wKggEXY2EtcHViLTY3MjE3MDQ5NzI5MTQzNDnIAQmpApSh7m2vZrI-qAMByAMCqgStAU_QDjEE9gh_P0HG--BWtAyhI1ON2iOwpjromNJppFgVWVEbzPNFzGICWsDTdz-B3Qn76uV3mD-CgExaxEYrP36hIB4pmUmbvRdU20vHh95HQCnPmhe-3Yo_ndU4V1GrgyovHdS6iMCKwPadyaao-PQiPIkePO7U5VbLWwmPPjyOW0EBeXk4RBvspXHQ4C_LdYvuDp6XtCtT_sk4FDf8lHlxTH9Sxe5zXYqMfihbgAal5pm70ujht-UBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPis7sDmnYMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY3MjE3MDQ5NzI5MTQzNDkYAA&sigh=OyJs65QBg88&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_SQYcag1XqHYQBeqg9Ter06VHkiw37SFoSyVsQ67pXCELoYByNpHmRjWyJJd87Vv4D-XnaL60h3GJSesyw7cmeQ7MM-gA0R5pSUsYAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 10:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7375 0
126 B 59ms
20ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIatEMD6RO0HfJ2DYgICAAAABxamZWtSTzYQLMGCZSIGS4p94dIY96kAABIAAAoKQVFVREFRRUJBUQ&wp=ZYLBLAAKFQMI9kacAAY-V7Dg6WWeGwt9TYlvkQ&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:49 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 124833
server: Kestrel
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
73ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bee6460dc8aeffe53f71837326f8720fc6b06d1a7c877179c645e29063355114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12236
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame C38D 50 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 08:10:10 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 5BB0
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=35a587fe-11d0-41db-8b48-44321ef1ccb6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=84a78baa-f9f4-4894...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=31f63e16608c45d8afe53bc50db79d94&tids=15000&med=10

0
18 B

96ms
96ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=31f63e16608c45d8afe53bc50db79d94&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 08BEE638C2B140EDA4ADA8CF6E3D8ABC Ref B: FRA31EDGE0706 Ref C: 2023-12-20T10:25:50Z
x-cdn-traceid: 0.9ea12417.1703067950.1fa8d6e0
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 20 Dec 2023 10:25:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EF49671EE0D4A0BB845E5B22062FC59 Ref B: FRAEDGE2020 Ref C: 2023-12-20T10:25:50Z
x-cdn-traceid: 0.9ea12417.1703067950.1fa8d5e4
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=31f63e16608c45d8afe53bc50db79d94&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 all
csm.eu.criteo.net/ Frame 4EAD 0
127 B 20ms
20ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 10:25:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 10:25:50 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame C40C
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4954d7cd-f716-469e-8276-82b927a165c1&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=cc5a5cf4-3510-452b...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0a10d94250ce4a6e982da6994262f42e&tids=15000&med=10

0
18 B

78ms
77ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0a10d94250ce4a6e982da6994262f42e&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E8498426C47A4AE781CFB13AFC3E71FB Ref B: FRAEDGE1420 Ref C: 2023-12-20T10:25:50Z
x-cdn-traceid: 0.9ea12417.1703067950.1fa8d6f7
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 20 Dec 2023 10:25:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3286C3258D647B38BD008C444762C0E Ref B: FRA31EDGE0513 Ref C: 2023-12-20T10:25:50Z
x-cdn-traceid: 0.9ea12417.1703067950.1fa8d5ff
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0a10d94250ce4a6e982da6994262f42e&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5BB0 0
556 B 20ms
20ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCKyCi6wGELLhgvWWp6SJKRgAKjYJ0dRNH_lBmz8RZZVu0iCSmj8ZAAAAoHA98j8hZQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR45PYFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIRaHR0cHM6Ly9pbWdiYi5jb22AAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0nHHd3dy5iaW5nASrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04NGE3OGJhYS1mOWY0LTQ4OTQtODI5Zi00OWYyOGEzYWIzZGImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZwHBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyOTU5NTg3NTgwOTkxMDIBnjAiCTM4MTg0NjcxNCoEIU3wgTo4VTJWaGNtTm9RV1FqTnpNNE1EVXdNamd3TVRrNU1UVWpNak15TlRZd05EVXpNakUzTURFM05BPT3AA9gEyAMA2APV1soB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFVliIBQGYBQCgBfnSl6vJw6ujKMAFAMkFAAUBFPA_0gUJCQULdAAAANgFAeAFAfAFRfoFBAgAEACQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB-T2BdIHDRVjASYI2gcGAV6wGADgBwDqBwIIAPAHudsCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=39b7c09e98f1322c58a3b103f6cc5a0ed8a217ca&type=pv&jm=1003&px=236&py=0&bw=182&bh=90&sf=1&sid=6400683621330928639&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
an-x-request-uuid: 343ebe48-5dcd-465e-bb9b-e96681887c33
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E0C 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 58155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 18:16:35 GMT
expires: Wed, 18 Dec 2024 18:16:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D62 829 B
999 B 36ms
35ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a7356e6e7d33272f27f8e63184c1f5abb8baf0f6cd6ee0026aaaaa2a84293e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ja1I-P2qz_POzY7wZNqijA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgbb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ja1I-P2qz_POzY7wZNqijA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:25:50 GMT
expires: Wed, 20 Dec 2023 10:25:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame C40C 0
555 B 20ms
19ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgbb.com&e=wqT_3QKGB-iGAwAAAwDWAAUBCKyCi6wGEKS0mdGb2M3FSBgAKjYJIv8g4UI5pD8RauzmVMu2oz8ZAAAAoHA98j8hag0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44vAFgAEBigEDVVNEkgUG8FWYAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEWh0dHBzOi8vaW1nYmIuY29tgAMAiAMBkAMAmAMJoAMBqgOaAwqwAhEn8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Y2M1YTVjZjQtMzUxMC00NTJiLTg1ZjUtZTFjNWM3ODg5M2M5JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0UwFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTIyNzMzMTk5ODE3MzI1NjIyOCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE0zTmprME5UUXlPVEU1TXpjak1qTXpOVFUyT0RnMU5qRTNNalF5T1E9PcAD2ATIAwDYA9XWygHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_vJ-k_uCMxzHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWHzRf6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfi8AXSBw0JESkBsQzaBwYIBQmo4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=e51cef2b4d0d4bb5158f7a24c5b92e2012885c7a&type=pv&jm=1003&px=0&py=0&bw=336&bh=176&sf=1&sid=6400683621330928639&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
an-x-request-uuid: 5532a41d-7c12-4355-85d8-5c52a2f94a06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.59.164.102; 37.59.164.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5BB0 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVwGl5qHoRu8yRL9FC5yM2E6CRWXp_uNmv4y77XltzCK6BpCgO0AGUyIxWPUBTKDnRP-zyCvv5Q-2qHTnbCP3Lm-7n2fJHE9gS3VXwkv1avozR3dXpzw&sig=Cg0ArKJSzOKg8bI0tT7FEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3324621644&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703067949116&rpt=337&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E0C 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:40 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C40C 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjz6CWqFfu5tKtIsKMCjgjwpLvjwzNC0YJdhrr9w70lDx5CAj59fYBEiM6Gu095jhEXzm7tRczbE7OUIKFOmwJnPYRfDdoKqwJnxFT34jb6iFskl00YQ&sig=Cg0ArKJSzFxlRlZpLcRlEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2361693376&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703067948611&rpt=866&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B703 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrjUVXlrAQjdDpWPXZ4pDx6pTU6c6hzanjpsu1M4Abl3GSdm0Lyuo09ANlUNltGkRDsctwQW_MxLBNmoykQ1wrjuCohhOooVtZVpQXacbfXBhaj-UHtWhUQeWns145mUqo09QWqOsnZR2bToxTS6lReTxYahH9b0cquxZXpvUyBkYHhSjqvxtqpHz4rhRvqyNzZNtfdWXcdUKs0QNSOqxztH1AmWzJiQfu4ybuYGkg2UhG9CWxu9kIajEAkbMMIiPsvqRVZ5a-5T2jbMaE2LHodVMlh3OZ3OQMiFJTpdhsFnzboo9AT6GiqkCE5ARj3aq6UHi2sEJUoWJyNa5FBvqfsowovh8QRtSbd85V6VF6TV-isL3yVMpML2CyTev7tomABQ9GBU48dDj5kyeWmk57g4Fm8mNpka0eZsCkpRdu2CdJeoSFlxcrX_7t7YOxEhGG7oHncfmGU2t3s4e0NozgCnP7Ldk6zFPq5sXcXP4RoQUKbvDU68lPpQzP7CZsydCCxtMd5TDcmeV2hDtAmAfmOy4jIje-5kkKfSnEbZLBL9ZYUYhoqn_zcB3Q-R0VKm-uZcZTXFT29FFAud4xba8z47UoipciZgTMzky6--XiDRMULGCTEEDi66sSw4f5GetOy3RQqHwLdG9cRDbnJFNAUqDzVVctrkXwl42UXFGQL-NYnorQUnjp5ezpF2T3NPBBr3Xtz9IWR3gVMvl9e7zpvliGyXP9IuTpONNuCPTKHFRKlLp-utjpgpJCM0jhyi3tVznmgyPzdLJXiGiuudqCuaBapWsS7nrzIBVUK3kJuxtEkHFQ3pA0b5HoGcywq_j7fDYxD-PCn_AozLvXoPgq59Dm8MwSNZZAuAYhHbj3dAuH3Cfn3MSW6i96upKn2EUUkF3fKYnKurRzKWlzYy0Ese0cpWBiojyspgN8IIupj8BGkdBKy5alyIU_l2yLqQWXvc5snKH_9Ufoe2eGZwbSdCo8x2YSlpXOZSOHem11lrIuzDqSKuYTZGOOFBsPgFa_5_rMTIBoH_uVnS-I9pzrjSTtZu6d3yBsEg7NkcCiaJmcI8aXyILZ7eLCat6Tz4_vnTcNMDofUZrp-ogjsDv5xAqgKxT9DuVAwRI_dOBuNvA-UgTK9ixn7X5xIba9zrG-0eWMZRjLygmXxVIHOGTmqKWB80f3BJ8M4HECqVHEe8t7OT1LikflOrfedU_HI0HlY-iTQ5rHYpldq9byUTaDiSFcdJNuFotyZw&sai=AMfl-YTO5GKGWGYVsbjTl1w0OJVsykW9YnKteld-zedUXTlZ4uHKRVJxHt3W1YvJEQBtDl2pYx-IRVsMYATi_aHBT5Ntwn7FMH7LVEjx-47qB0vEqT5K2zsaVRgTbvhJZLvBRD0z7jsS7_aN7apzs6KEeElf7lxl0C0SFTgM030&sig=Cg0ArKJSzD5_zdSWfJOpEAE&cid=CAQSTwAvHhf_U2JAVIdRk6cLXoZndP-SMMowcLdyRZCjLf-47XPcUJaz-v-mATu6mVSe8BkkK2_aMwZaU1WfWJx2bfcCTx4Ce-Bwt64CmUzIiL8YAQ&id=lidar2&mcvt=1001&p=0,0,250,250&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1733273038&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703067948615&rpt=860&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D62 0
0 60ms
59ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3173852287920342&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7E0C 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X6vwAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:25:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3173852287920342&bg=!JCelJ2jNAAY3kmNgF5I7ADQBe5WfONgXq8Uo7g9zwv3UfPB7a5oIdDcPi0Ddl-RdJtr9y3VQiNjq7d1XPHJUT5j-IyVUAgAAACpSAAAAAWgBBwoAiCSYsCcEo5E7HhxJPYpiuWUtzvJCYrfIqLXxdKxIrxBm3B1dK0fvqbEwMTB3sQKo-WDkBmeJA7HygEWtxTN877kdYbZ4kX7kk_CJf-Hk673N01q-yZ-3CoNBBEGMoYMDD9jp5ABqDLY8tmEKQGb7sKxoCCvB9lMJRXPxxCU7X_uB9m196-QHa-iZAq7EXh2NIT22MLCxVJMcMzoJf4JVp_OqBHQQZsU9WLS208bixWQ-A6x2OBIGiY4rq7NhfIgXh4Wsg-5uj1X0R3xgDiUvXIvWQ550rGfePe9LJGSKsuCOltUTP8XPHLGvnf4Xc-gkQJ-yVhQpfV6QbnPZIbh6qHwO8lCZUH_uQT_HquTLRWdhXBeWQvUEdvYu_hNZogjF7skIOm1AXWNQiHTMHl9P8kX-o2qjO4i4dWrlqfzp5Gg86WriLd0KzMrEoCZTkbSB0YomIJJQoa4ocOTSJRtCcmAJ-kapC1hbrzsLPtaJRiU1hvHehgn2xaqS1p_6hmL-mtI8IirIf2B1HtxfcVaPLYZgRC6Xc7GdJxBn_GBAh2pM0WNouLA-DLJUCAi30Xd9f74aVP43gDFWR8vEoQxges9CwqKxVF8H7xtMpgpDzFbSYyU8u7xYqoE1neAXJoLWtb2iYjDVzov2QMcnsB4cRTzfFZJSLOcaVjCTlXiL969M6nkT63PLfPIgCB3Jr3apIno3peZLEoIaZ3GaQQOnTN-TiYn-_4oYE6SR8DWluiatYqnmPb7wc0CzuSZ2XjVwLlhHq3rm7_5HBYzJDle182jVPDUje7UDY_CdgjrX0MGTSJzISpL16e7NGc7aoRAGYUGuL5Yi3h65lrXQYCZfqHxHO_iRACeWUifV0Oa6pFxwjmNdfgu1OlN4TznPsCm8klp5aZDOLzmJTxrcA2MZwlf1z4oH5l_AUUPiSHwvm_RPSA7I9RwfjV4OSGinDAJBOmYmdpAWANdOEKQrXKGcMnnSl7iOmiKaa9fbP2DC_Agcz82A4ZHrkFjrjOt0h0KlWSOtduecBkI0FSWms45onvLCUXtTHQHKcIfDun8pgseI0ZntiOh7WeIid5thzzhs30dX00LMwaw0Cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7375 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyIQJJm41kWUAdbsLZdU6VuPB93Z1iV2I26ypJ8CHAWIaBy3wAqprVAxr8vRanMiW5ARTvc0jZmE9E0irNMgopODGgap2EhF3IGStmjx30LbapKQMM&sig=Cg0ArKJSzNbJa240VPIxEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=91,774,1000,1125,1266&tos=91,683,226,125,141&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3895348141&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703067949960&rpt=141&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 10:25:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F23E 0
127 B 20ms
19ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 10:25:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgbb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lribtrru8d2uhitme2o0nksv0i
.imgbb.com/	1970-01-21 02:26:03	Name: __gads Value: ID=bcceeffc40b2180e:T=1703067948:RT=1703067948:S=ALNI_MZkd3b-J1A0YklRAoiqpvxwJysJ-Q
.imgbb.com/	1970-01-21 02:26:03	Name: __gpi Value: UID=00000d23f14884c6:T=1703067948:RT=1703067948:S=ALNI_MYOv1rreq8VYJWRCmeprd2uBt0jhA
tk.illicado.com/	1970-01-21 01:50:03	Name: uid Value: rB8A0mWCwS173SHuFzzlAg==
.doubleclick.net/	1970-01-21 02:26:03	Name: IDE Value: AHWqTUkcxGgQiZwjBjYFsmZNYGWf7BVxeV2c5FCzZgz5ys1KM2uCRTgOr_RWb_yDXUs
.bing.com/	1970-01-21 02:26:03	Name: MUID Value: 0E66E9F325DD6B4E3334FA1E24776A08
.googleadservices.com/	1970-01-20 19:14:03	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:04:28	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 17:04:31	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6721704972914349&output=html&h=250&slotname=6996232155&adk=2999726218&adf=369238792&pi=t.ma~as.6996232155&w=300&fwrn=4&fwrnh=100&lmt=1703067948&rafmt=3&format=300x250&url=https%3A%2F%2Fimgbb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703067948354&bpp=1&bdt=261&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=2615147498797&frm=20&pv=1&ga_vid=652296501.1703067949&ga_sid=1703067949&ga_hid=844412512&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C95320869%2C95320884&oid=2&pvsid=3173852287920342&tmod=1652431452&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=254 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adsdk.microsoft.com
ams3-ib.adnxs.com
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
imgbb.com
mts0.google.com
ns1.ibb.co
pagead2.googlesyndication.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
simgbb.com
static.criteo.net
tk.illicado.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
13.39.142.185
142.250.184.194
151.101.65.108
162.19.58.156
178.250.1.6
185.89.210.101
2606:4700:3037::6815:468
2606:4700::6811:180e
2620:1ec:46::62
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:26f0:3500:1b::1724:a39e
2a06:98c1:3121::3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1558e8801993356dba3a2b0416db17c0f11dd02b53cc92a2629ab0b62ebd4b9c
159c0c0e0a365ce59fdae3abe3b22a04be6916d21f2478f0e9bcd98af634529a
1620adae7eb8d2ac0f400c88d47a1d45d095ea3e224c5e4e15db1d83403fb5c7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
238e4f29e4564f801c458e9af757de4149acda06eec61c28b2963beed6ee671c
2c26a529b435e5f69031bdd0551951af3a0339992e66ab4eae62235bac204503
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334
3b7dec2b010320ee859db921f7c7940789aec436ea00a2b2fc6a28a4856917f2
3bf8837c93d4e4b973ec86cb0840244363d95ebf2a782780d8fc6aa026192d09
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ec57c1c6101209d29c823c7bbc66e159ed703d25a6e0e844e4d6576714039e5
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4a0b7fa68b8149ab30ae549daa04a90f360491c04e94daf8265b0625293184fd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
52f21d1db4d3a7dad52b1676c56d488429b5ac26999d914464676bf262d963f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a7a0bfbb308b16f6d2807f0f16731ac9b84a3fc7567ad0a4ccbc0bb40e4a081
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d16284101cc081dedbed205ba3da5ad2e2df62cad97c6e959e3c10647096bc
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a34f1460a98ed2b7fae6e1ab1fb7af96490a0aaa0aca25f9381a5e179e28327
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8c01ae5001dc56ac555dc8cce67ffc6ab6f3486e8059b348618862b1277d7376
8c9948e2a3bf566f0b733f6e61dd3f215609cfb12a3606460b338d4091f737e0
8c9cda82aff5bef3223d47c149ac7a2b4562fa01c0634f71e085698dc4c9d193
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98fbe301090bdbd674f1ca1bfbdbd80005c161534e9e5cf4216bc06ab12df545
9a7356e6e7d33272f27f8e63184c1f5abb8baf0f6cd6ee0026aaaaa2a84293e8
9f32b4cf49f54a1b442776b602573c196bf0f570990a9d22cf325e0b8f86d985
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4b3eae79ab3cc358f922a8c193cc180a7c2e905b916f3bc3c51633feecd4cd4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0e1a73aa367c8faaccb754196a288189a8cfc0deba2139e1ecf3db278acfb25
bee6460dc8aeffe53f71837326f8720fc6b06d1a7c877179c645e29063355114
c077e4d5004741c462e7909e6b04e880452eae46f2471acf916d3a480cd906e6
ce81e3c18a19e325d95dc41ab1ca315527990343d37767945afe7762356fca30
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7f08b59346e82c2c2f7b28ff7fcbeadc54db68626d51e6393ced00d53d100f2
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c855cf592efb8719926ef24f95a225623ceea83bbac08894eb50bae312cf72
f36c7d76fdd5fe543f05e07db9ef6c2f3010bed4ab9960b6af9af269d75ecfaa
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f490af1be5aa21a3200bee659a8406e9e9b0acfc6f24ef255861660c98d5760a
fc7932b7a63af2f11d40d1d6448260b0fc29bae808b9e4978ed5a326f8cf5ce1

imgbb.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

96 %HTTPS

75 %IPv6

17 Domains

26 Subdomains

24 IPs

3 Countries

1753 kBTransfer

4437 kBSize

9 Cookies

35 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgbb.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

96 %
HTTPS

75 %
IPv6

17
Domains

26
Subdomains

24
IPs

3
Countries

1753 kB
Transfer

4437 kB
Size

9
Cookies

125 HTTP transactions
7 data transactions