www.updatestar.com Open in urlscan Pro
2a01:488:67:1000:5bfa:5108:0:1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.updatestar.com/es/directdownload/reshade/2471374
Submission: On May 20 via manual (May 20th 2022, 10:06:51 am UTC) from ES — Scanned from FR

Summary HTTP 158 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 23 domains to perform 158 HTTP transactions. The main IP is 2a01:488:67:1000:5bfa:5108:0:1, located in Germany and belongs to GODADDY, DE. The main domain is www.updatestar.com. The Cisco Umbrella rank of the primary domain is 279795.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 25th 2020. Valid for: 2 years.

This is the only time www.updatestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a01:488:67:1... 2a01:488:67:1000:5bfa:5108:0:1	20773 (GODADDY) (GODADDY)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2604:7c00:22:... 2604:7c00:22:3:4412:50f:c03b:1b31	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3 21	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 6	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.33.221.119 185.33.221.119	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
4 4	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
158	24

7 2a01:488:67:1000:5bfa:5108:0:1 (Germany)

ASN20773 (GODADDY, DE)

www.updatestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.updatestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2604:7c00:22:3:4412:50f:c03b:1b31 (United States)

ASN40244 (TURNKEY-INTERNET, US)

news.updatestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.119 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.225.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.90.192.27 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.81 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130	468 KB
50	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	350 KB
13	updatestar.com www.updatestar.com — Cisco Umbrella Rank: 279795 w1.updatestar.com — Cisco Umbrella Rank: 383111 news.updatestar.com	227 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	125 KB
11	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295 fonts.googleapis.com — Cisco Umbrella Rank: 46	35 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	208 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	109 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	2 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1755	3 KB
4	openx.net 4 redirects us-u.openx.net — Cisco Umbrella Rank: 399 rtb.openx.net — Cisco Umbrella Rank: 1524	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	917 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	928 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	87 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	344 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	2 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 26188	914 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 947	727 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	375 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	416 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	349 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	69 KB
158	23

	Domain	Requested by
26	tpc.googlesyndication.com	www.updatestar.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
24	pagead2.googlesyndication.com	www.updatestar.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
21	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.updatestar.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.updatestar.com googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
8	www.google.com	4 redirects www.updatestar.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	news.updatestar.com	www.updatestar.com
6	www.updatestar.com	www.updatestar.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.updatestar.com securepubads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	e.dlx.addthis.com	4 redirects
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	s0.2mdn.net	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	2 redirects
2	ib.adnxs.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.fr	pagead2.googlesyndication.com
1	odr.mookie1.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.updatestar.com
1	w1.updatestar.com	www.updatestar.com
1	www.googletagmanager.com	www.updatestar.com
158	35

This site contains links to these domains. Also see Links.

Domain
news.updatestar.com
reshade.updatestar.com
reshade.me
shopper.mycommerce.com
client.updatestar.com
www.twitter.com
www.facebook.com
feed.updatestar.com

Subject Issuer	Validity	Valid
*.updatestar.com AlphaSSL CA - SHA256 - G2	`2020-05-25` - `2022-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.updatestar.com/es/directdownload/reshade/2471374
Frame ID: 97D0C88DAAC187A9DA070F4E0543296C
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 27EC7291766F44DF2CDC02AFABEB9AD9
Requests: 1 HTTP requests in this frame

Frame: https://6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9EE4013AC8A8BBA05469A5EE4D900614
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=8696530997&adk=2335003757&adf=2208971296&pi=t.ma~as.8696530997&w=1028&fwrn=4&fwrnh=100&lmt=1653041204&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204553&bpp=4&bdt=334&idt=171&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&correlator=5867388737954&frm=20&pv=2&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q9w6iqYCqM&p=https%3A//www.updatestar.com&dtd=186
Frame ID: 6A5EEDD6564FC33CF75766B9174E7C16
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&adk=1812271804&adf=3025194257&lmt=1653041204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204570&bpp=1&bdt=351&idt=178&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1028x280&nras=1&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=185
Frame ID: F19ACB5DEFF2CBD0065D861ADAF0307F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: F0ADFC2D101E3990575D98CFF3C125C8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1094&idt=-M&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0&nras=2&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sc1XKDM4A9&p=https%3A//www.updatestar.com&dtd=12
Frame ID: 380ED8BACE9A66341CFB73912A165503
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=3662869748&adf=955669985&pi=t.aa~a.1160110203~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1095&idt=1&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0%2C1200x90&nras=3&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=E43K6lJXVw&p=https%3A//www.updatestar.com&dtd=16
Frame ID: 1FE8B12F9A0B82AE35B11A2759F7C612
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0AE1749B62BD2C9405F5A54C2C4EDFB4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 35A7844FA35C15AA0CC62BF78696539F
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 84CB03F07E10CE9976B9A87709EA0DDB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A25C65AD3E02C603081D7B01B286DC7F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 868F885DE256C8995E0409C4EF7354AC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: 25393126A6A1508D9AEDBF2F60567AFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGOqW1MMBMAE&v=APEucNXj-UFVxWq6FzBOwJ3gQ6x-ty3BsWzBZt4C3Lo2vLWnScZwGDTql71LTRbsdFhA6JhescpLVDZi3Ss2XPqZselccJb86xMwZPb6gB5Dk-XgmilckkVwJZO98JSQUsR7hGMWcKC1O_6oXAZ6ByLzp6S22nmLp3ovVOm6LWxQlj-bqBfy9Mk
Frame ID: C721BD7DECA21D50F0100D4A5DCFBC5D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXq6-xqc2qmawiJFulTS5X8J4Ji6B-a0duUpcaJJWLvRY8rEUemmFbl4rWhOBvqInW4yp0ZADf2wrRxHxwVx_QZi1ijA&cry=1&dbm_d=AKAmf-Dxw2c_XpMC9kZACmTR-Cep_OdtUDppJiUK_x9h-7MardG0fIZwgP8G3wi_q5YwXtzQiiGvMAIOScGipeBADZaZt0QqQwnciXXyTZnsOf4fb1vQQSLdqKBbPREuprtV7kohn5T6yJNxlmBIt75Xmk6Q4Z09khpewMU74QN1zYaQz0irvazVcivoqA9d8UkrqUEpiynmewq7toLikRDFWtwOC6_Orat6gTvB0N1uMx5M6712KhDnsCL28rsCtKA5sUbHOCv-iNVeMwRo1GczsYexgKUcvubK63d4_iegDvAuFPtofJNNF8yCjGnTvXcqqcj3dJV3QuAONBBar6kH2SXvfQKetJmpf2P7DwpiLNhRLnP3W_1NXSjU85NOj7rY_P9hk2T4lq-_0NOLTdV8SPyfP0cbNxkP13dCXh3NipeykgSYGS_YfyfC5fzvOGKnwd9bXRq5sZgFVLon1ZNThMVQ3g7XL0YR7Nus1tcyUhg3eaNLZZZD926QNEmpW6RWxcS0ZF2oIJfQKRfpaV0OIPfIiFqYH8CiOV8g7llU0HvjOX4cFdzYxz6-lj_xQ4grOGMgDsHvvi878eLe7d48getCxKw65zWptz3V1Tl-exEGgHcqXkeUt4ZYATfxtRJEeSN6RtZvEu5K1fIBd74GHTmzjK3gHR8LlMB4bytTeg2mJm2PuqoT6b2nEeI6tj2Rxnyptq-3MVvNwEsxk_QYDTfCqADwNr-jA6jkEtGafJ6DRsTCDRDZ6Wa9q8zgEqdtDufZ43QbIgqf8_j8yBkQYsKoxwBpOXjlDY0dXnyG8APhzvA-ubKcYFGYbgD_CWnItN4iBjmuxwUVMuMbqK-sA5pbcSLcqnjPRJTQmMz_qa1uF0czS_RfanKzrXO7B7XYfORVzC6wQQpNDA6LkVhqH87WrKGUj8yCo75EHqNvAaGjVcn2f_8HJWS9rXpaqDBYz_1y_DHclgtcqd-6wb9PUOtA-YpVAASjFU4VNp9CEpfqBhbsEBkIrdUGgPOT0jjYG9VSftQUnEXYvJjfUKjJdSgzGRJjylz_Meo-lNvuMawsyGg5rLq1p08ikWb9H1qUbLtI3SAhhCdxVSAg-I7rJ2vLeREwKOq4KCPilSVKIykY2wPslfUBJ2WjyfTFQzPO1pj6YrHM_59UOX9fOKSXOT30jO-PMm_WIXXdsEhcqCJnsw-TtaLzwySuxzEDgKKWuzWGOhBCB-NgxnUNW2ZOS-ty5f-SmGDGaQ8PVK0Zed120-IkJX2kveyQaDbXBOk3ahzgEzBZtFqVevB4_swFl42uRbBOs10iqjfFkPQfvo1n0a93jq5yAVX1icdYR9HbVvseDw05NF1_y5IPQaP9MG4qGdcBN2R7iqLPSFsyv1jiTwjeK45R9vTn6HeaCtKVu_Nr2UphvMf9tXKB_Qi6qzLcAGtUtVmt63m5_F3GFk3t2CDieXCg8yHKC9vQjFF3LAeJsn8zpmAPv_2tWF8mk8Kc0lRkensxupL2Wa4hVJH8ZL03qLOcKtFGmWmqbipJebCzzilr_FT6mAWDcEoqW-KnzzZtuYpiEKWEhwkOdZKgKf4R45Yd5iAH0btY3mey6s6mRUg3LPIJ6o6q4m1OnxiWGXU8neng7I4dJrEvzmkAl7kiTEPy9kxhzQfvNfZpPQsHt3tZfLqzkRHxC4VFgKN9sC9TY-V8wdiRbxGaWlH1VrABECavza6lhxmdKoEjIAaTZORMQ7Hn10j_un0i98n0kc52VBjVhzKyOnwe3UA4tVsPl6qi6egqqj_uy9g-LcaSWxsxwjwakf4iRgGRY7jzBwfxoLT1X6QKSrxh6cMwnD_m8VQzsNkYjv9YkhujlxDoBysXrUinJBf6k5dPI2luEJgiNKg_EOiEi3INVzm6VI5uB7XRytJRaFArcoRmOmcFtbyoiAwbl8bwqZK73H3eGNkodlB7FLcnQKQe4AleTNnZ2lYU3VvlB_t1vjD413I1kZe0PZaXHqq-AGI39QhRGZIBZ9OxN9WAaJ5bqBtaxZbXnTDUmSRGHn70Gf8vVB1WIhaLNn-M82HQc1QIUvxsB2eUhy-aqIfMPeJ06iyQfOkwWaBfMqb7lPYTxT0XDERpXpQpkAQqsuBWV6N52Gfy2fMXO0C2uxzQb_ppJJj2C3u0A9GckrB3CWAIRAklmhGDS8Ew2GS7lZ9WVbGWmKLj1QOd7kew0QIJRZw7YcLx4gFhnO1Vmfj9TpwjOba3uo_Cud8bMZZnbuyXGAyxeoJXUyNozSnR-oat3sKjDidj5yu82uoYl7LO9M0CXPCNqiaYJ4oReHVKhx45WQRSr6NwU86yaRfFK7Jj1j_QzfNJjVPYMAlquzWP1oTcFTG89qPVYj6lC5xoaYqZ1yB5sGNTMcVXhF0SrahI7eRFEP0mjeINwnOEcT9JD-dMZsqoZkIB24VRMtio1X38Hju-W9wexKU39KLWYJU8hs_f8CQQszFZgBgvi2s8qpkNdhplhB4Fjqpb2R4RK0QWK4si9b8RXpgyt_rBpdRAN4BzglN8Ql0J3uBRrrQ6YgLOnZf4uiTZvjCS-3Dt3vommmmABaUFFIHuvkfOTjrXZ6jd_arJo_Z1ERO2LLajBLHn5G0PznuBdygHkZ1r28Pfi1BHjw0JgI7Mthhc27ayMGZQJtHgjCPPPlEfNl9Gs-xTWLGeTTDgCTX4PdZoHKWc3CwhD6A10ket8yZPBtJIPFrA_jn0gXkgB5uwN-a1EhtHmtMrhsRPhpIzOeR4Vp3SfFoPWt8iuaYhn8ZDi6OMaF5gV-Xg27ROBIYGo53drMjhXnGw-dIUrZZxL8woAwk6EhVxXzAwYvmKUsJgSFNthZ0f5zsClvqVP8gKBaZJN95OOBLeuXDqj9FInIe6KG92TvlGGvWxpmF_pgZzamwyA_y3Mn53JC6waomGofgK5PGvgnn_ebnABkvS9CP0fNpCH1Cl6NVUz21vq3OcYlkgzaMONsFnYhy17pInWrWQhu_Yo1qEGuqElet4oAEZNkAo6_NJ_eVbHCHRQSdNpQtsVBpb3n16Vq2eYif2970dZj_tP5VGBM-6lHcuPsUbTGHxqwdQRDOxrA6bd_RyGFGHxzne_cifbuDI0snoCvRvSKWRY6jLVJ5JgjkzE8AwjPB_8ibhN-NyHOaXNRGnJTfTFcIgtGDro2APOrDqm_Rv6LpZ8uf0E6WEbhmf&cid=CAASJeRoK3Dosiyk8virq4ZjDRtALNDO6gFCvjU4gVN3AODJkjH9DJg&rfl=2%2Chttps%253A%252F%252Fwww.updatestar.com%252Fes%252Fdirectdownload%252Freshade%252F2471374%240
Frame ID: 8637B8DAA4F5F6840ACCB4D2C7AB4E60
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYpKGfBTAB&v=APEucNXLq5oMQOfW6n2_rJ77K7D3t6g85eWB8w_AmANwe6F2uilecXZwjxHem6KqqPLf4mRTGQNmFlk05oBZsYGRud2Rt7za1wU9ZxxrgnD6wTgYNgrqz_9cydxqWqStCllgXKVpqro1zZQlY1nxyKOswLdXfe5GtfYis7gXIIW6Hj5P4OhCAyw
Frame ID: 01C92D07C2F785C49A84C0D28CF6B777
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaWq_U7PZ9Q_9LD5mztQaaM0UE2_XNwnpVlfiZ3qvT0qlL0uGqRAlpv2dDRgDNErsp5JyvLKfVCWPgUWeZVgp0LjTOTcV_9l8-Rg30w_119oMnSK3fF_zjsI28O1GcGqLqlaDZx5v-uETf30naWE7s-Qpq5g&dbm_d=AKAmf-A_IO36S0PDxB538hq-yzqn5RJnmWhw5jmTyBTZNh_ftNlAonhfJ5hgxdHbIgB9ghcjxau1r6ZayGeIQTE7y0BruBmaWr3Kdf_8nnq1bc7alkfoQIYK2CEytF-OBzS5RcLUsxHlKSlDAwazdQeOSJCBtx1F0VGAPENAWsUopMofUvENQ4BBZhJDezdLbDAqulYyHB7SF9y5l2ZG72lqaeCvUq7PT02WHFdALv8GmzOioZxlJTGsDi9ix5zBgwDIJ6f59oFxVe6NNmnCXxpWQ9lSOc1C4JZEi_heEhWQoq7zj6vfxQGPrmTSqS6pHU-YGiSaKS2McwUTtuw4UwzTLQAn0FRj8WUTQRn75UwcYnytl0fBPVUMh-tQIwcUIYfml3KsFeizS5mr37rdbbdnZGz_rpt207QjyAB4F3GGt9OUvL2esCnlu8gCG2RrpjFPwokBWWTLwcMEdDjnbGSFmKuQDoPpkkbZBBmo_JGeVPf39W2CT2DWVBFT1GYtxgp6EYDviRnfyu7_5wzrqyfYRc065bZtaKwhOtSwtF4qSGvhcfMgp9_UETuczUzMZXrFU_N9Q4AJ5hRfsyxDk5an3h43t1Ia8aSmbn5vQW8AESg5DE_tOiur-t7doxL4tHFQ9j4sxov34z64g1eUnB0jePAKUwy9YA6IaTi9EQJb3dbEkG5fGTX7McU3FKdP5ThleOKof3LCRpob05BpbPS8pDNNONB37oAy9Fg8z0EVX6aVv5ZL7bRkRUtui6f8YB8H6sfacLUATcCGBbgRWjKdYh-D313rfYpcyeFzw6dOSC2JPWGrptR7jgRsGU0ntoC6217q6t9wzMj66qMLlkW-4yUk8BoOFoCbl-T1rNe0jpJGYbBPdlaNKm0vGn2S7kVb25oAAGgpn3hXvIy4eP8Ie1PcdXSuQCF73H_abewFI3V6w6DqgA84KiX3nqAmFBFC5gziDwXx6wujoe1xelaZEwDP9BrT4M9EHAgrzsv9J5lqkP6D5F2tUWp54n8-cGxA-M4nz-oJPv8nIeweV8yhclb6hiZQjlxwJShpvTTvN4yKgwQmIWhJO0P8bAL5TnQ6TdLP0dN3jvMzN903e2pI2_oU1E9k1d7RzOJc-F8gE9XNb7X4kf3WYsn1bcRNnYFcc_GHBQDplTdFKj7uSqkEm5uRhGNlt_BVkrTbDfJQfH8nSJOJTPcEScxqs2_jgYkptyuTdNWvdu4dztE-kIBFbfz9so0M_jBALt3B_9M05IlZ5YohxBU7l5tMMXlX9chbx7Ivi7IvvIYA6IrYZLcZ_mnpxtWr5HruG6ktcoUl-WoARQCAXCG90y_onGqyngWarhDLZG8tlRjr5W1LOHozXCGyoQzK3SJL7o6WjU7lYa29zrpSfBJEc6XXJPNiXYPUPgI3RQnWy-ZhmXMtQh_Dlilx1u52oVDuXCXisz9N8VgUdURZ90AvWMZixSNd-8sdVojqzk7Ejly72cvARoVbXwsKi4oH4e47i4Mu_KJhaleVuK79pB_c5XwmZa7FeOdp76OgTwQd0JWn--Ta6arw0kPeYi6s1qUkBrnZwbojXRl3WyUIKwoR5zn6-8Oi_QDPwzGfGRu5Jn3WcKBm0-hCEftE4dfpkT7_0KzPql1oWuxNsu_TwPFipaFGwpEEr46SKbyhqG3UsU1ZvRdlXpgklLWr3WxRPhBXnjj8I3di9DZpu7MhoZRaIAu0aCAVRcW40Qud_IK-cI9UmwfDDXy2t9-zdr3Q9zd7JTvL-jZzS2OKeX0TQ4v6OymJST8ZJ5_xJcyCrF1t8zT7qrlfAnobUcrzPG4LI6lYYkYv0mxh6EuISXnSV4TNwb4IerypjqQSvtn1GT8WWgn71HU0HGT9gzIKLH7P4W7nL9ve_IKtf7BzJV_8jcDy6rtvnJ1Iuco6lWLXPFgi90LAuoZmHDHn-imt0IDIK9LkV7q1Wed48u0DTyujou8pCaEcDaNYG6Jx5zGY1pa5V33KGZBHlyvwLNBww0n0opG9eDFGjApl-CIv4YxhPqNcFu8Euf89TR5NdIShsAaZUrYq9rIKD6d6yODL9-UlhWFQzrqoZxZUGqPaQuH-31xsSttXvV3_93u81s4QdLENFZzyt8OlMIBM2LoITyrYXOr6_19UnsD5bCQtw3uVaDgLXntJV583goLIcFEgm8zR62Fd8EwJ3GB07tVZkXX5flzDbuYeB-SuGKGefE_t-hyGjH0GvTWpfFcMqGobKXUr2uNxI0wA8fz3-SGBIUlDmdcrfyKB60Em5fiZBV1gUzKkVffYiEB-jvf_cJIW_f-qROC8awvQ5TM7sr-wejpfzHK6a-iC-EnvO8yXAN8gtzdvm8Yi4LvVds8zsrznjInB73sNo9de84c7x5_e1_2ixBLyK7h1MngZviv9k3L2oibEZ9UiaStepaUkGFrhX5Sex2UQSHp3ZIZkthDlIKCBsKYUvCRYdRH5k3xNFAQZq-MbHcrScQpgU9JfjuG-NCqk-b-7hfkvNjAE9cuuAVNpPQoAodtjGBWCO4YrGgSbHYcu2Ru2196Fx2oCETAjZXonEhXAZDoFK9GAiWAhdQNhsGMqu0-ca_tS8Dg7GU_NanynsAKbGvmOYQG9hhVDUHf83OJEykDgnC1JJSHA83SdQb8SXyt6MuXJW0h0hlIHKgmIsgDzvaGkXcI3ngJwyCVCuBO5l_MbPbjkTZYrRXyLmjS3MZgHCtbeyj1PRYt8RORV4Kx6Bmj6Aw2ZKZX4Jnl7tVDqD3hlxATaI9uxmm8P-d34-nn31mABQIdN-wibKSrB3xuon_cNFe3QPnhPlGs2gijWg8q22j5XmgwTnkRq6B45ujolm2-oSDuaFhR_ySysP0PQr5e9qXtl8fAxxz1MTfUanCm4L0P88PbVE4QA1oWT1iE8iSoV7MN4QYbKvMoEelFeeix1rVHiATdQ24WzrTJ3e0LJBqVLBFCt-zdAHf61bvnTw-ow3g7aS-WvXnW3QtUsTOpJoVYZOe-V2QMeykKyRiqAmNeNUlKDr1kCdK-z4gBoY6XCkN3Pe-ii6ZzY0tSpXtR0m2gZa_LVdusZ&cid=CAASJeRoIDMP9i19U8sO9GqeJadCaB48bgRroUioJXUSTEgt1o3guro&rfl=2%2Chttps%253A%252F%252Fwww.updatestar.com%252Fes%252Fdirectdownload%252Freshade%252F2471374%240
Frame ID: 8C5DB750C95738EFF1C370606FC73194
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5831ECED05B836D19ED7C71139CF28AC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D23F0DD3E918F68F8C21347938684328
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 55D1D593CF6E61D54B5A123E535D8C6D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4A6C8DF7DC11F3F2D59540C71B53480B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9897526BE2B4F59EC91ABF70C90123F9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: BB65B45606C146FBB1687BC67A7E7F04
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE6896F6CBB21FA12F00C990BA209192
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57C9FC38F06FC292A841B83F0BACE76B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reshade 5.1.0 - Descargar

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

89 %
HTTPS

58 %
IPv6

23
Domains

35
Subdomains

24
IPs

4
Countries

1683 kB
Transfer

4429 kB
Size

29
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://news.updatestar.com/
Title: Software News

Search URL Search Domain Scan URL

URL: https://reshade.updatestar.com/es
Title: Reshade

Search URL Search Domain Scan URL

URL: https://reshade.me/
Title: Descargar

Search URL Search Domain Scan URL

URL: http://shopper.mycommerce.com/softsell/visitor.cgi?affiliate=61245&action=site&linkid=234234&vendor=17130
Title: Reshade

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/updatestar/features/
Title: UpdateStar

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/firefox-100-0-1-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/ccleaner-6-available-for-download

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/foxit-reader-11-2-2-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/new-windows-patch-kb5011831-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/vlc-media-player-3-0-17-4-available

Search URL Search Domain Scan URL

URL: https://news.updatestar.com/post/chrome-100-0-4896-127-update-available

Search URL Search Domain Scan URL

URL: https://www.twitter.com/updatestar
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/updatestar
Title: Facebook

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/drivers/overview/
Title: Drivers

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/productkeyfinder/overview/
Title: Product Key Finder

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/passwordfinder/overview/
Title: Password Finder

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/onlinebackup/overview/
Title: Online Backup

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/localbackup/overview/
Title: Local Backup

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/videoconverter/overview/
Title: Video Converter

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/sigparser/overview/
Title: SigParser

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/appcleaner/overview/
Title: AppCleaner

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/help
Title: Preguntas más frecuentes

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/contact
Title: Contacto

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/privacy
Title: Privacidad

Search URL Search Domain Scan URL

URL: http://feed.updatestar.com/usfeed
Title: RSS

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/partner
Title: Socio

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/about
Title: ¿Qué es UpdateStar?

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/press
Title: Prensa

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/team
Title: Equipo

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/investors
Title: Inversores

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/reseller
Title: Encuentre un distribuidor

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/localization
Title: Localización

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/freelicenseprograms/
Title: Canciones de Licencias

Search URL Search Domain Scan URL

URL: https://client.updatestar.com/en/pad
Title: Presentar un producto

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YodoNld0NRHXGJQxEijmxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzMzc2OTA4NjQzNzQ4NjE2Mw%3D%3D

Request Chain 104

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU0NjI2YjktNDMwMy0yNWRiLWQyYzAtZDgxMmNiMmRiNjM5

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=&google_error=15

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJmPECDNOfRD2_Jq-dQt-2QZoUbqv1x-dCGdov2sbOh6F6ETtAHTXXO8v3f5E6YaK5fT_qJd6Chh-Q6rMNc9wefZifdbOI&google_gid=CAESEP8jjaFjfans6M6RyVKlPrE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9kb05nQUFBUUdmSGo4eQ&google_push=AYg5qPJmPECDNOfRD2_Jq-dQt-2QZoUbqv1x-dCGdov2sbOh6F6ETtAHTXXO8v3f5E6YaK5fT_qJd6Chh-Q6rMNc9wefZifdbOI

Request Chain 132

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJHpttHUBoz3BFxXpJrQq-zxKCpir9XLXryYFBNlC6uPN4ejZZZeHhSjH8Y7mr-p9vXjwxZhic6ATlRxAAgH5hV25P9_aU6&google_gid=CAESEO1Lzghx6pzqtogTb6o4lUE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJHpttHUBoz3BFxXpJrQq-zxKCpir9XLXryYFBNlC6uPN4ejZZZeHhSjH8Y7mr-p9vXjwxZhic6ATlRxAAgH5hV25P9_aU6&google_gid=CAESEO1Lzghx6pzqtogTb6o4lUE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDAxNTczMjkwNzgzNw%3D%3D&google_push=AYg5qPJHpttHUBoz3BFxXpJrQq-zxKCpir9XLXryYFBNlC6uPN4ejZZZeHhSjH8Y7mr-p9vXjwxZhic6ATlRxAAgH5hV25P9_aU6

Request Chain 133

https://rtb.openx.net/sync/dds?google_gid=CAESECq7lRMpA_lgvFQVEXdc1wA&google_cver=1&google_push=AYg5qPK7dDZmBNI03AfmkSPbPjxyRoWaY1BbuOwcScjxZ-C0vGyn4IY61THIZsrbWUASxwrcTQjxgLgbqeH6934f7PHfysLKQYHL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7dDZmBNI03AfmkSPbPjxyRoWaY1BbuOwcScjxZ-C0vGyn4IY61THIZsrbWUASxwrcTQjxgLgbqeH6934f7PHfysLKQYHL&google_hm=Vn9_TyPywlEhVM4c0tZC4w==

Request Chain 134

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEKgeMOBodGz_KfI8_AN1zI&google_cver=1&google_push=AYg5qPK1zCMnCReSNoaaVTkRxSBePfaSuVs_lVo8nzQ1g9ipc1LZuydBTmqeJu7QP2aSl3b0I2QDmp4zgS_Gx8b3x1Ei_O2_kLjP HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEKgeMOBodGz_KfI8_AN1zI&google_cver=1&google_push=AYg5qPK1zCMnCReSNoaaVTkRxSBePfaSuVs_lVo8nzQ1g9ipc1LZuydBTmqeJu7QP2aSl3b0I2QDmp4zgS_Gx8b3x1Ei_O2_kLjP&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBWzMVA3SReZCXjORG65qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK1zCMnCReSNoaaVTkRxSBePfaSuVs_lVo8nzQ1g9ipc1LZuydBTmqeJu7QP2aSl3b0I2QDmp4zgS_Gx8b3x1Ei_O2_kLjP

Request Chain 135

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELhG-3xV4osdP15jC8m8FIc&google_cver=1&google_push=AYg5qPKLx1oUqCdt9258n2eT0NAA5CEnsysDTVKOgK2E0TR39erK1y7tbtyR2W4kp_c8XT2gdqcurOyniFRq4sHS9esDncfDDnQc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkMtMVYtS0ZZRg==&google_push=AYg5qPKLx1oUqCdt9258n2eT0NAA5CEnsysDTVKOgK2E0TR39erK1y7tbtyR2W4kp_c8XT2gdqcurOyniFRq4sHS9esDncfDDnQc

Request Chain 136

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo&google_cver=1&google_push=AYg5qPIagr9DUAwVbNGUMogiCPiPEFk6TEVpz5SR4Mf0QdpMP2qomz9pCWkF7JxaPsgci_VltQeEFNZYf1sYeOUk-OXT97k7aT2O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_push=AYg5qPIagr9DUAwVbNGUMogiCPiPEFk6TEVpz5SR4Mf0QdpMP2qomz9pCWkF7JxaPsgci_VltQeEFNZYf1sYeOUk-OXT97k7aT2O&google_cver=1&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo

Request Chain 139

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLBk5JAyZ-G1UMamtMhGC51ckuTzcliCP0u5r007-CW_8XP-kG9VUM_EbtNqVIV0_MX7iyghAkIFxb_K9bUMzCjZx13znA&google_gid=CAESEO1Lzghx6pzqtogTb6o4lUE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLBk5JAyZ-G1UMamtMhGC51ckuTzcliCP0u5r007-CW_8XP-kG9VUM_EbtNqVIV0_MX7iyghAkIFxb_K9bUMzCjZx13znA&google_gid=CAESEO1Lzghx6pzqtogTb6o4lUE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDA1NTY3NzA0OTM0Nw%3D%3D&google_push=AYg5qPLBk5JAyZ-G1UMamtMhGC51ckuTzcliCP0u5r007-CW_8XP-kG9VUM_EbtNqVIV0_MX7iyghAkIFxb_K9bUMzCjZx13znA

Request Chain 140

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELwL3Eigd4Jb_rqk0jv27fM&google_push=AYg5qPJHgbbwHNkksEjnN5JMm98SHLkHwpcATG_z3hVHqLPurmNnuH9pSFkiTUpKOgVFkiRAqb5UhJB-9s3WW0fUdjKSc1D38bdw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJHgbbwHNkksEjnN5JMm98SHLkHwpcATG_z3hVHqLPurmNnuH9pSFkiTUpKOgVFkiRAqb5UhJB-9s3WW0fUdjKSc1D38bdw&google_hm=MTA4MTI4NjEyMzIxMzY2NzQ1NTY

Request Chain 141

https://rtb.openx.net/sync/dds?google_gid=CAESECq7lRMpA_lgvFQVEXdc1wA&google_cver=1&google_push=AYg5qPI-OCjWwG-HJb0Cf23yMp8ZExdWbKPG7hyO5cqUFehL1lUvYFdBiLcfWETbVoSGv6MHrqPBpk7Ne4az6mwHrKpp-9_L5Zvi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI-OCjWwG-HJb0Cf23yMp8ZExdWbKPG7hyO5cqUFehL1lUvYFdBiLcfWETbVoSGv6MHrqPBpk7Ne4az6mwHrKpp-9_L5Zvi&google_hm=Vn9_TyPywlEhVM4c0tZC4w==

Request Chain 142

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEKgeMOBodGz_KfI8_AN1zI&google_cver=1&google_push=AYg5qPI5RGWgWjwEqYytDUqoXTbrWnxM3OIMv5EoqGorezsovsbLTQ4AkQl7wniMGZo5p5oxkLvSXvVNuaz921Cc9KhCuvzeWDVN HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEKgeMOBodGz_KfI8_AN1zI&google_cver=1&google_push=AYg5qPI5RGWgWjwEqYytDUqoXTbrWnxM3OIMv5EoqGorezsovsbLTQ4AkQl7wniMGZo5p5oxkLvSXvVNuaz921Cc9KhCuvzeWDVN&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KF2FIPw1SvSKyOybdNAscQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI5RGWgWjwEqYytDUqoXTbrWnxM3OIMv5EoqGorezsovsbLTQ4AkQl7wniMGZo5p5oxkLvSXvVNuaz921Cc9KhCuvzeWDVN

Request Chain 143

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELhG-3xV4osdP15jC8m8FIc&google_cver=1&google_push=AYg5qPKSQpEcIWWx5JCYJk8J0NiHNvmVgpOYF9cbvUityr-cZm4GN_iMENYJ5EJKsL7O5KL7yynDtlzcS2e8N1O1wuM0lQknxrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkctWC1EMlJR&google_push=AYg5qPKSQpEcIWWx5JCYJk8J0NiHNvmVgpOYF9cbvUityr-cZm4GN_iMENYJ5EJKsL7O5KL7yynDtlzcS2e8N1O1wuM0lQknxrQ

Request Chain 144

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo&google_cver=1&google_push=AYg5qPKqA2xTmt62s6YqU0A3-_l9eiQu93FbPpfaRiYQzmE68xQCRJhvZ5tTS2gkd7az3BDZdm4nLxSopfNTlgQ78zUtZ_WWJg8M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_cver=1&google_push=AYg5qPKqA2xTmt62s6YqU0A3-_l9eiQu93FbPpfaRiYQzmE68xQCRJhvZ5tTS2gkd7az3BDZdm4nLxSopfNTlgQ78zUtZ_WWJg8M&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo

158 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 2471374 Show response
www.updatestar.com/es/directdownload/reshade/ 33 KB
6 KB 205ms
58ms Document
text/html 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: b832270f87c81a57b0a00f71c092f1817547ac3faf640973ab21ee8657597054

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 6156
Content-Type: text/html; charset=utf-8
Date: Fri, 20 May 2022 10:06:42 GMT
Expires: -1
Pragma: no-cache
Referrer-Policy: unsafe-url
Vary: Accept-Encoding

GET
H/1.1 200
OK icomoon.woff
www.updatestar.com/fonts/ 5 KB
3 KB 48ms
47ms Font
application/x-font-woff 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/fonts/icomoon.woff?mv55hb
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 38fd859bcbbd6cfac90958b3ec0ffe155f5eee9dd8a2f58f934d3cb41d97b924

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Origin: https://www.updatestar.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:06:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 15:15:20 GMT
ETag: "0b46378a3aed51:0"
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 2863

GET
H/1.1 200
OK bundle.min.css
www.updatestar.com/css/ 137 KB
22 KB 76ms
27ms Stylesheet
text/css 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/css/bundle.min.css?v=5bea96fa17d8d7913bcff38bb2d92b8b
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 6e16cbeacdbd2d1154e8249a41bc885b3778aece5429cf3f619a9d3b71175a35

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:06:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Mar 2022 16:58:08 GMT
ETag: "090a4868d2dd81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 22272

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 116ms
49ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

d7f9e773df58578a31e39563a1c27d77a2818d2f54491b28b0dc6991d20e8ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29037
x-xss-protection: 0
server: sffe
etag: "1220 / 975 of 1000 / last-modified: 1652997910"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 May 2022 10:06:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 105ms
44ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QYZVPCNV1D

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a599aafcbae80428d4c60edf27ce01525abaccd98bb93d79a11d998e083a7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70151
x-xss-protection: 0
expires: Fri, 20 May 2022 10:06:44 GMT

GET
H/1.1 200
OK uslogo.svg
www.updatestar.com/img/ 12 KB
5 KB 27ms
26ms Image
image/svg+xml 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.updatestar.com/img/uslogo.svg
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 20eead7e17d56b571a5ee1cf2d1c7f6ca79bc672fcd01b6e2273a3ec8973033b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:06:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 May 2021 16:43:21 GMT
ETag: "80dab23c4e52d71:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 4905

GET
H/1.1 200
OK 2471389.32.png
w1.updatestar.com/img/icons/ 432 B
669 B 157ms
27ms Image
image/png 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.updatestar.com/img/icons/2471389.32.png
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 72cab38d2c79b7dbd91f290f71aac2b1cee28865ae3f72f0c6a54e9df76c154d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:06:42 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 12 Jan 2021 01:40:12 GMT
Accept-Ranges: bytes
ETag: "7025b0de83e8d61:0"
Content-Length: 432
Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 128ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79f23a519a36b83e5c340adae2d851a2823acbeb450e2995047ca157db403ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56925
x-xss-protection: 0
server: cafe
etag: 15776158896010702394
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 May 2022 10:06:44 GMT

GET
H2 200 firefox82.360x203.png
news.updatestar.com/images/sized/ 20 KB
20 KB 301ms
93ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/firefox82.360x203.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bb83b9dd8cdea1c7829136b2dca181b7424d3c8b18a6ed8207d96da614e03274

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d6a6f0abe0e308"
last-modified: Tue, 20 Oct 2020 14:52:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Fri, 20 May 2022 10:25:45 GMT
accept-ranges: bytes
content-length: 20488

GET
H2 200 ccleaner556.360x203.png
news.updatestar.com/images/sized/ 30 KB
30 KB 391ms
184ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/ccleaner556.360x203.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9e1a0e894abc05b2a059b358748058b6bcf54a81e265b01226a2e2dcbeae5829

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Thu, 23 May 2019 07:53:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d5113c8ab360e9"
content-type: image/png
cache-control: public, max-age=604800
date: Fri, 20 May 2022 10:25:45 GMT
accept-ranges: bytes
content-length: 30441

GET
H2 200 foxitreaderlogo1.360x203.png
news.updatestar.com/images/sized/ 18 KB
18 KB 480ms
273ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/foxitreaderlogo1.360x203.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a7b0c24d345476de0dce12ea497ad5441b42fb6b67f53e759aaef7987f6a1d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d5d137f62046d8"
last-modified: Wed, 22 Jan 2020 15:23:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Fri, 20 May 2022 10:25:45 GMT
accept-ranges: bytes
content-length: 18648

GET
H2 200 windows10update.360x203.png
news.updatestar.com/images/sized/ 48 KB
48 KB 483ms
276ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/windows10update.360x203.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c276bb98937d9ecaf38d3442b7e5f2c765badd42a83d9b582a2b405de033ef95

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d50599b0b30ae5"
last-modified: Wed, 08 May 2019 12:29:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Fri, 20 May 2022 10:25:45 GMT
accept-ranges: bytes
content-length: 48741

GET
H2 200 vlcmediaplayer308.360x203.png
news.updatestar.com/images/sized/ 22 KB
22 KB 545ms
366ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/vlcmediaplayer308.360x203.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a840a4d4e10632a52f6e535281be12304036c383888db1cacb2d11cb62fd4d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
etag: "1d557f9747b72cf"
last-modified: Wed, 21 Aug 2019 08:21:39 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: public, max-age=604800
date: Fri, 20 May 2022 10:25:45 GMT
accept-ranges: bytes
content-length: 22863

GET
H2 200 chromelogo1.360x203.png
news.updatestar.com/images/sized/ 13 KB
13 KB 454ms
275ms Image
image/png 2604:7c00:22:3:4412:50f:c03b:1b31
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.updatestar.com/images/sized/chromelogo1.360x203.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:7c00:22:3:4412:50f:c03b:1b31 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ee37b643cf3a2df01f5eec9d5e90ae0b8c9fa384632aa111d783ad16de299bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
last-modified: Tue, 14 May 2019 09:03:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d50a33efcbb124"
content-type: image/png
cache-control: public, max-age=604800
date: Fri, 20 May 2022 10:25:45 GMT
accept-ranges: bytes
content-length: 13348

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 87ms
27ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 02:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 02:17:44 GMT

GET
H/1.1 200
OK main.min.js Show response
www.updatestar.com/js/ 48 KB
16 KB 28ms
27ms Script
application/x-javascript 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/js/main.min.js?v=9274c21127d4d657506b3661b932862c
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 3728c4200575ae429059881bd337d80412973989b3d9dcac88323dd8696bebe6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:06:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Mar 2022 16:58:08 GMT
ETag: "090a4868d2dd81:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 15899

GET
H/1.1 200
OK bundle-dark.min.css
www.updatestar.com/css/ 150 KB
23 KB 80ms
80ms Stylesheet
text/css 2a01:488:67:1000:5bfa:5108:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.updatestar.com/css/bundle-dark.min.css?v=fb0807a66a330bdbff8e757389df1781
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2a01:488:67:1000:5bfa:5108:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: cd7e155cc1a97d339ee280ca2b48faf49066403eb3a83956acdd797a1783032f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:06:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Mar 2022 16:58:08 GMT
ETag: "090a4868d2dd81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 23027

GET
H2 200 pubads_impl_2022051701.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 26ms
26ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127273
x-xss-protection: 0
last-modified: Tue, 17 May 2022 08:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 May 2023 10:03:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
114 B 90ms
37ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.updatestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa6dcb911eda03514228566816bb4a44d722a336df4aba0976948a44f8db6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Fri, 20 May 2022 10:06:44 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
349 B 95ms
35ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QYZVPCNV1D&gtm=2oe5b0&_p=1001956168&_z=ccd.tbB&cid=86970508.1653041205&ul=en-us&sr=1600x1200&_s=1&sid=1653041204&sct=1&seg=0&dl=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&dt=Reshade%205.1.0%20-%20Descargar&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QYZVPCNV1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.updatestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/ 310 KB
111 KB 104ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4118765744455397&plah=www.updatestar.com&bust=31067655

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c95d5f04773972bf06871d102ca2d5b977dbf9adae371b817b56c088e27403ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113355
x-xss-protection: 0
server: cafe
etag: 18067516658830115699
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 May 2022 10:06:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 27EC 10 KB
5 KB 92ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 41145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Thu, 02 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 102ms
40ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.updatestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 373ms
373ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1446157209565466&correlator=4435415315756113&eid=31067485&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=1032860%2CDownload_Top_Center_Leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=3147671074&sfv=1-0-38&ecs=20220520&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1653041204608&lmt=1653041204&dlt=1653041204219&idt=363&biw=1600&bih=1200&adxs=286&adys=136&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&frm=20&vis=1&scr_x=0&scr_y=0&psz=1058x1121&msz=728x90&fws=0&ohw=0&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

91c8b82c7fb728069e9d74374685ca27795ec678577ee4c6acc6aff344ecf5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.updatestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9EE4 6 KB
4 KB 130ms
34ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:44 GMT
expires: Sat, 20 May 2023 10:06:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
416 B 72ms
37ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.updatestar.com&callback=_gfp_s_&client=ca-pub-4118765744455397

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4118765744455397&plah=www.updatestar.com&bust=31067655

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

66fded86d5c88131bb971488b31a15ef3fd5a349f0d648e6f34c3488c97099d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 96ms
34ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 89ms
35ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A5E 91 KB
32 KB 1018ms
963ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=8696530997&adk=2335003757&adf=2208971296&pi=t.ma~as.8696530997&w=1028&fwrn=4&fwrnh=100&lmt=1653041204&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204553&bpp=4&bdt=334&idt=171&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&correlator=5867388737954&frm=20&pv=2&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q9w6iqYCqM&p=https%3A//www.updatestar.com&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa6b48a06e42c5cdc782f588d5efb0a3e5fadb71300ccdded852db11541d0ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32998
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:45 GMT
expires: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F19A 244 KB
58 KB 499ms
461ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&adk=1812271804&adf=3025194257&lmt=1653041204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204570&bpp=1&bdt=351&idt=178&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&prev_fmts=1028x280&nras=1&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=185

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5d583c427f0e29d696894a5eee256b28ecddf01e09ef766a882164a5fc70ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 59149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:45 GMT
expires: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame F0AD 220 KB
61 KB 94ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 346897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame F0AD 14 KB
5 KB 137ms
69ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 346897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame F0AD 94 KB
28 KB 140ms
72ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 346897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame F0AD 5 KB
2 KB 150ms
82ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 340046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 11:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 11:39:19 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame F0AD 40 KB
13 KB 150ms
83ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 346897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F0AD 5 KB
1 KB 97ms
36ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26b7d66f5365fc4106d97bd0e796c21decc09ad3b96afe831d7c0c7ba7b4e7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:33:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:06:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F0AD 3 KB
3 KB 89ms
26ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 05:36:25 GMT
x-content-type-options: nosniff
server: cafe
age: 16220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 3004170791804808702
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2980
x-xss-protection: 0
expires: Sat, 21 May 2022 05:36:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F0AD 344 B
449 B 90ms
27ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 12031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 21 May 2022 06:46:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F0AD 0
0 99ms
36ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_SRIRkwn3zsm9XIueZcbnj-wd3s6EfLNC8W63VuCo4s9Eg-yOY_GAuwovslPoAzL7QAd0h6f8BdTpx-VEdfuXXLPrEA
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F0AD 0
0 68ms
67ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFSV6NGiHYp6TKMLa7_UPwa2siAbJsu33af-Bof_xDquU9P0IEAEg1rWlBqABjezk2QLIAQGpAs49gBdENKo-4AIAqAMByAMKqgSpAk_Q87JL6pFzlaTPAG-roIIPZaUgDlB_ZQmtEWloAN-XiLFZNysUL3xa7pAAqglszmTzkF4-Oi94LQGm2wroyO_9JYjDxZxMNlk3fdtfV-KmzQSXkUsZpFZWKL79uzXsdOf7-tg1fjO5PHXCeYfnC4Baqv-Fi68BLi69xJK49jlSLxrBATG8PN64EhYxX-I-lJ1eEZZwy5cGpTwobcuHJ2AdrgUi5QpQ4BlwINQ7BGF1AL-Afs1XleEoXxQmrVjeVvTO7WzzEnC60A-mgGUKD5j6QAZpZexFMA2qSn7zY2BTqbm3D5VZ_NyVrxXwpGtJpcpKDl6O57wL0v0Oq1Zxz1GPNxioSXwfF6jCuMOrQJi5BNnXoREydh0gApUWaUUEigYQ4tJSqR6OkcAEoMCdzOYD4AQBkgUECAQYAZIFBAgFGASAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqr4D0ggHCIhhEAEYHYAKAcgLAdgTDYgUA9AVAYAXAbIXHgocCAASFHB1Yi00MTE4NzY1NzQ0NDU1Mzk3GOy_Bw&sigh=lHaTdg6UKi4&uach_m=[UACH]
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame F0AD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 071859fb3e9c665f3a1f0db8cef4c0f4b611396ac5d7623f0162d774dbfd75de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame F0AD 44 KB
44 KB 88ms
27ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.updatestar.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 337807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:16:38 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F0AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

75ms
75ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374
Protocol: H3
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 May 2022 10:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/ 147 KB
52 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205160101/reactive_library_fy2019.js?bust=31067655

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e79b86b0e4240344fe9c2a45b621862d35117ee64350eedf3a7d6df0bd7a00c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53583
x-xss-protection: 0
server: cafe
etag: 4255944104015797316
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 89ms
36ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.updatestar.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 380E 21 KB
10 KB 398ms
398ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1094&idt=-M&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0&nras=2&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sc1XKDM4A9&p=https%3A//www.updatestar.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a670af432122e3764c4158dc266777f44759e2f7fa46eb3be9da908db1b1c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1FE8 21 KB
10 KB 363ms
362ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=3662869748&adf=955669985&pi=t.aa~a.1160110203~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1095&idt=1&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0%2C1200x90&nras=3&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=E43K6lJXVw&p=https%3A//www.updatestar.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

140aed74a8039cc990606d83d6e9e307991f88e212203d0006324f9a788de078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10378
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 0AE1 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 39280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Thu, 02 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 35A7 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 39280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Thu, 02 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 0AE1 4 KB
633 B 89ms
36ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:32:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:06:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AE1 205 B
743 B 85ms
26ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 05:38:11 GMT
x-content-type-options: nosniff
age: 16114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 May 2023 05:38:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AE1 604 B
694 B 85ms
26ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:41:38 GMT
x-content-type-options: nosniff
age: 1507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 May 2023 09:41:38 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 0AE1 19 KB
8 KB 90ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 09:39:00 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 35A7 9 KB
4 KB 82ms
32ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:38 GMT

GET
H2 200 7e8d9be85afe70328c144e2bd1bc7ea5.js Show response
www.gstatic.com/mysidia/ Frame 35A7 8 KB
4 KB 99ms
49ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7e8d9be85afe70328c144e2bd1bc7ea5.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3703
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 35A7 8 KB
892 B 77ms
36ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:31:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:06:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 35A7 2 KB
904 B 84ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:04:04 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 35A7 21 KB
8 KB 71ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:02:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 35A7 3 KB
1 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35A7 135 KB
42 KB 111ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 35A7 17 KB
7 KB 70ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:01:49 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 35A7 30 KB
12 KB 74ms
27ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 08:42:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 84CB 8 KB
892 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:30:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:06:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 84CB 2 KB
904 B 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:04:04 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 84CB 21 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:02:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 84CB 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84CB 135 KB
41 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 84CB 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:01:49 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 84CB 30 KB
12 KB 80ms
26ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 08:42:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 35A7 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1MunNGiHYu2_MoGQjuwP29SU8AzJsu33af-Bof_xDquU9P0IEAEg1rWlBmD7AaABjezk2QLIAQGpAptNb9CZMKo-qAMByAPLBKoE8AFP0EzbV_ktOIsdDzKOI-04mlrbN9HMggY9JYVL1dQGab0UDJOvUCVKnLurDpkA_p87oeR3lpNpNcBiO6glDLyfvYPeD1e8FkByb5-laIQ4VyBpz78gGexcPA4nk9OLYF5iw7KklzHeMmmOaGhycNg3daDOI9cCCJjD9Y6U_iZW3-03Q3g2Kpou28mi1GotU4-uh7GGknKBYBXQZ0cpM_tVMuK2RiZWuOsJW6OiSwPWq2vIIPYilGU9MfW8oplhf2eLp5-xkTQVWffdpXvbPhZV35Q5buh2FdBORIx9t6-giH4Ax5RdU4tY-XFwLUpMLS7ABKDAnczmA5IFBAgEGAGSBQQIBRgEgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELjMCdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi00MTE4NzY1NzQ0NDU1Mzk3GAA&sigh=FCavpJJxA4g&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A25C 143 B
163 B 26ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 09:09:34 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 868F 143 B
163 B 26ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 09:09:34 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 35A7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a626d8a0f2354474262b088c3a8a8013115856031d7aa2fb62c4d8926c8af24

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A25C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

155ms
148ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 10:06:45 GMT
expires: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 10:06:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2539 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:38:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 868F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

124ms
116ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 10:06:45 GMT
expires: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 10:06:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C721 624 B
299 B 40ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGOqW1MMBMAE&v=APEucNXj-UFVxWq6FzBOwJ3gQ6x-ty3BsWzBZt4C3Lo2vLWnScZwGDTql71LTRbsdFhA6JhescpLVDZi3Ss2XPqZselccJb86xMwZPb6gB5Dk-XgmilckkVwJZO98JSQUsR7hGMWcKC1O_6oXAZ6ByLzp6S22nmLp3ovVOm6LWxQlj-bqBfy9Mk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=3662869748&adf=955669985&pi=t.aa~a.1160110203~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1095&idt=1&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0%2C1200x90&nras=3&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=E43K6lJXVw&p=https%3A//www.updatestar.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=3662869748&adf=955669985&pi=t.aa~a.1160110203~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1095&idt=1&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0%2C1200x90&nras=3&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=E43K6lJXVw&p=https%3A//www.updatestar.com&dtd=16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:45 GMT
expires: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8637 56 KB
27 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXq6-xqc2qmawiJFulTS5X8J4Ji6B-a0duUpcaJJWLvRY8rEUemmFbl4rWhOBvqInW4yp0ZADf2wrRxHxwVx_QZi1ijA&cry=1&dbm_d=AKAmf-Dxw2c_XpMC9kZACmTR-Cep_OdtUDppJiUK_x9h-7MardG0fIZwgP8G3wi_q5YwXtzQiiGvMAIOScGipeBADZaZt0QqQwnciXXyTZnsOf4fb1vQQSLdqKBbPREuprtV7kohn5T6yJNxlmBIt75Xmk6Q4Z09khpewMU74QN1zYaQz0irvazVcivoqA9d8UkrqUEpiynmewq7toLikRDFWtwOC6_Orat6gTvB0N1uMx5M6712KhDnsCL28rsCtKA5sUbHOCv-iNVeMwRo1GczsYexgKUcvubK63d4_iegDvAuFPtofJNNF8yCjGnTvXcqqcj3dJV3QuAONBBar6kH2SXvfQKetJmpf2P7DwpiLNhRLnP3W_1NXSjU85NOj7rY_P9hk2T4lq-_0NOLTdV8SPyfP0cbNxkP13dCXh3NipeykgSYGS_YfyfC5fzvOGKnwd9bXRq5sZgFVLon1ZNThMVQ3g7XL0YR7Nus1tcyUhg3eaNLZZZD926QNEmpW6RWxcS0ZF2oIJfQKRfpaV0OIPfIiFqYH8CiOV8g7llU0HvjOX4cFdzYxz6-lj_xQ4grOGMgDsHvvi878eLe7d48getCxKw65zWptz3V1Tl-exEGgHcqXkeUt4ZYATfxtRJEeSN6RtZvEu5K1fIBd74GHTmzjK3gHR8LlMB4bytTeg2mJm2PuqoT6b2nEeI6tj2Rxnyptq-3MVvNwEsxk_QYDTfCqADwNr-jA6jkEtGafJ6DRsTCDRDZ6Wa9q8zgEqdtDufZ43QbIgqf8_j8yBkQYsKoxwBpOXjlDY0dXnyG8APhzvA-ubKcYFGYbgD_CWnItN4iBjmuxwUVMuMbqK-sA5pbcSLcqnjPRJTQmMz_qa1uF0czS_RfanKzrXO7B7XYfORVzC6wQQpNDA6LkVhqH87WrKGUj8yCo75EHqNvAaGjVcn2f_8HJWS9rXpaqDBYz_1y_DHclgtcqd-6wb9PUOtA-YpVAASjFU4VNp9CEpfqBhbsEBkIrdUGgPOT0jjYG9VSftQUnEXYvJjfUKjJdSgzGRJjylz_Meo-lNvuMawsyGg5rLq1p08ikWb9H1qUbLtI3SAhhCdxVSAg-I7rJ2vLeREwKOq4KCPilSVKIykY2wPslfUBJ2WjyfTFQzPO1pj6YrHM_59UOX9fOKSXOT30jO-PMm_WIXXdsEhcqCJnsw-TtaLzwySuxzEDgKKWuzWGOhBCB-NgxnUNW2ZOS-ty5f-SmGDGaQ8PVK0Zed120-IkJX2kveyQaDbXBOk3ahzgEzBZtFqVevB4_swFl42uRbBOs10iqjfFkPQfvo1n0a93jq5yAVX1icdYR9HbVvseDw05NF1_y5IPQaP9MG4qGdcBN2R7iqLPSFsyv1jiTwjeK45R9vTn6HeaCtKVu_Nr2UphvMf9tXKB_Qi6qzLcAGtUtVmt63m5_F3GFk3t2CDieXCg8yHKC9vQjFF3LAeJsn8zpmAPv_2tWF8mk8Kc0lRkensxupL2Wa4hVJH8ZL03qLOcKtFGmWmqbipJebCzzilr_FT6mAWDcEoqW-KnzzZtuYpiEKWEhwkOdZKgKf4R45Yd5iAH0btY3mey6s6mRUg3LPIJ6o6q4m1OnxiWGXU8neng7I4dJrEvzmkAl7kiTEPy9kxhzQfvNfZpPQsHt3tZfLqzkRHxC4VFgKN9sC9TY-V8wdiRbxGaWlH1VrABECavza6lhxmdKoEjIAaTZORMQ7Hn10j_un0i98n0kc52VBjVhzKyOnwe3UA4tVsPl6qi6egqqj_uy9g-LcaSWxsxwjwakf4iRgGRY7jzBwfxoLT1X6QKSrxh6cMwnD_m8VQzsNkYjv9YkhujlxDoBysXrUinJBf6k5dPI2luEJgiNKg_EOiEi3INVzm6VI5uB7XRytJRaFArcoRmOmcFtbyoiAwbl8bwqZK73H3eGNkodlB7FLcnQKQe4AleTNnZ2lYU3VvlB_t1vjD413I1kZe0PZaXHqq-AGI39QhRGZIBZ9OxN9WAaJ5bqBtaxZbXnTDUmSRGHn70Gf8vVB1WIhaLNn-M82HQc1QIUvxsB2eUhy-aqIfMPeJ06iyQfOkwWaBfMqb7lPYTxT0XDERpXpQpkAQqsuBWV6N52Gfy2fMXO0C2uxzQb_ppJJj2C3u0A9GckrB3CWAIRAklmhGDS8Ew2GS7lZ9WVbGWmKLj1QOd7kew0QIJRZw7YcLx4gFhnO1Vmfj9TpwjOba3uo_Cud8bMZZnbuyXGAyxeoJXUyNozSnR-oat3sKjDidj5yu82uoYl7LO9M0CXPCNqiaYJ4oReHVKhx45WQRSr6NwU86yaRfFK7Jj1j_QzfNJjVPYMAlquzWP1oTcFTG89qPVYj6lC5xoaYqZ1yB5sGNTMcVXhF0SrahI7eRFEP0mjeINwnOEcT9JD-dMZsqoZkIB24VRMtio1X38Hju-W9wexKU39KLWYJU8hs_f8CQQszFZgBgvi2s8qpkNdhplhB4Fjqpb2R4RK0QWK4si9b8RXpgyt_rBpdRAN4BzglN8Ql0J3uBRrrQ6YgLOnZf4uiTZvjCS-3Dt3vommmmABaUFFIHuvkfOTjrXZ6jd_arJo_Z1ERO2LLajBLHn5G0PznuBdygHkZ1r28Pfi1BHjw0JgI7Mthhc27ayMGZQJtHgjCPPPlEfNl9Gs-xTWLGeTTDgCTX4PdZoHKWc3CwhD6A10ket8yZPBtJIPFrA_jn0gXkgB5uwN-a1EhtHmtMrhsRPhpIzOeR4Vp3SfFoPWt8iuaYhn8ZDi6OMaF5gV-Xg27ROBIYGo53drMjhXnGw-dIUrZZxL8woAwk6EhVxXzAwYvmKUsJgSFNthZ0f5zsClvqVP8gKBaZJN95OOBLeuXDqj9FInIe6KG92TvlGGvWxpmF_pgZzamwyA_y3Mn53JC6waomGofgK5PGvgnn_ebnABkvS9CP0fNpCH1Cl6NVUz21vq3OcYlkgzaMONsFnYhy17pInWrWQhu_Yo1qEGuqElet4oAEZNkAo6_NJ_eVbHCHRQSdNpQtsVBpb3n16Vq2eYif2970dZj_tP5VGBM-6lHcuPsUbTGHxqwdQRDOxrA6bd_RyGFGHxzne_cifbuDI0snoCvRvSKWRY6jLVJ5JgjkzE8AwjPB_8ibhN-NyHOaXNRGnJTfTFcIgtGDro2APOrDqm_Rv6LpZ8uf0E6WEbhmf&cid=CAASJeRoK3Dosiyk8virq4ZjDRtALNDO6gFCvjU4gVN3AODJkjH9DJg&rfl=2%2Chttps%253A%252F%252Fwww.updatestar.com%252Fes%252Fdirectdownload%252Freshade%252F2471374%240

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43b2257943be91be0615226096e672fe5a57b4171989e66cc100e32a7d3c3b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=3662869748&adf=955669985&pi=t.aa~a.1160110203~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1095&idt=1&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0%2C1200x90&nras=3&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=E43K6lJXVw&p=https%3A//www.updatestar.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8637 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8637 135 KB
41 KB 161ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8637 17 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:01:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8637 0
0 36ms
35ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSb1MU1--daSEce1I0Bd2p9Ax7uedMwuIvqfQi2hLxqCnJfxjwlUhAfoFb4GjHjaAu1oHdGZnH2FDwlUAHqgEP3aFT_iA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=3662869748&adf=955669985&pi=t.aa~a.1160110203~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1095&idt=1&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0%2C1200x90&nras=3&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=E43K6lJXVw&p=https%3A//www.updatestar.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8637 42 B
63 B 86ms
86ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXOxl4hhUjxffU8UG2rxDUhPsVAfRIJpLhZNeDtODyekmd9n6RWmd7bnc603hTDwMW1AW3mjap2QzqT2hf7QgNJMy3zqgy-941cecgj9PM1wFOvR8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 01C9 640 B
318 B 63ms
61ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYpKGfBTAB&v=APEucNXLq5oMQOfW6n2_rJ77K7D3t6g85eWB8w_AmANwe6F2uilecXZwjxHem6KqqPLf4mRTGQNmFlk05oBZsYGRud2Rt7za1wU9ZxxrgnD6wTgYNgrqz_9cydxqWqStCllgXKVpqro1zZQlY1nxyKOswLdXfe5GtfYis7gXIIW6Hj5P4OhCAyw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1094&idt=-M&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0&nras=2&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sc1XKDM4A9&p=https%3A//www.updatestar.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1094&idt=-M&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0&nras=2&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sc1XKDM4A9&p=https%3A//www.updatestar.com&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:45 GMT
expires: Fri, 20 May 2022 10:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C5D 59 KB
29 KB 100ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaWq_U7PZ9Q_9LD5mztQaaM0UE2_XNwnpVlfiZ3qvT0qlL0uGqRAlpv2dDRgDNErsp5JyvLKfVCWPgUWeZVgp0LjTOTcV_9l8-Rg30w_119oMnSK3fF_zjsI28O1GcGqLqlaDZx5v-uETf30naWE7s-Qpq5g&dbm_d=AKAmf-A_IO36S0PDxB538hq-yzqn5RJnmWhw5jmTyBTZNh_ftNlAonhfJ5hgxdHbIgB9ghcjxau1r6ZayGeIQTE7y0BruBmaWr3Kdf_8nnq1bc7alkfoQIYK2CEytF-OBzS5RcLUsxHlKSlDAwazdQeOSJCBtx1F0VGAPENAWsUopMofUvENQ4BBZhJDezdLbDAqulYyHB7SF9y5l2ZG72lqaeCvUq7PT02WHFdALv8GmzOioZxlJTGsDi9ix5zBgwDIJ6f59oFxVe6NNmnCXxpWQ9lSOc1C4JZEi_heEhWQoq7zj6vfxQGPrmTSqS6pHU-YGiSaKS2McwUTtuw4UwzTLQAn0FRj8WUTQRn75UwcYnytl0fBPVUMh-tQIwcUIYfml3KsFeizS5mr37rdbbdnZGz_rpt207QjyAB4F3GGt9OUvL2esCnlu8gCG2RrpjFPwokBWWTLwcMEdDjnbGSFmKuQDoPpkkbZBBmo_JGeVPf39W2CT2DWVBFT1GYtxgp6EYDviRnfyu7_5wzrqyfYRc065bZtaKwhOtSwtF4qSGvhcfMgp9_UETuczUzMZXrFU_N9Q4AJ5hRfsyxDk5an3h43t1Ia8aSmbn5vQW8AESg5DE_tOiur-t7doxL4tHFQ9j4sxov34z64g1eUnB0jePAKUwy9YA6IaTi9EQJb3dbEkG5fGTX7McU3FKdP5ThleOKof3LCRpob05BpbPS8pDNNONB37oAy9Fg8z0EVX6aVv5ZL7bRkRUtui6f8YB8H6sfacLUATcCGBbgRWjKdYh-D313rfYpcyeFzw6dOSC2JPWGrptR7jgRsGU0ntoC6217q6t9wzMj66qMLlkW-4yUk8BoOFoCbl-T1rNe0jpJGYbBPdlaNKm0vGn2S7kVb25oAAGgpn3hXvIy4eP8Ie1PcdXSuQCF73H_abewFI3V6w6DqgA84KiX3nqAmFBFC5gziDwXx6wujoe1xelaZEwDP9BrT4M9EHAgrzsv9J5lqkP6D5F2tUWp54n8-cGxA-M4nz-oJPv8nIeweV8yhclb6hiZQjlxwJShpvTTvN4yKgwQmIWhJO0P8bAL5TnQ6TdLP0dN3jvMzN903e2pI2_oU1E9k1d7RzOJc-F8gE9XNb7X4kf3WYsn1bcRNnYFcc_GHBQDplTdFKj7uSqkEm5uRhGNlt_BVkrTbDfJQfH8nSJOJTPcEScxqs2_jgYkptyuTdNWvdu4dztE-kIBFbfz9so0M_jBALt3B_9M05IlZ5YohxBU7l5tMMXlX9chbx7Ivi7IvvIYA6IrYZLcZ_mnpxtWr5HruG6ktcoUl-WoARQCAXCG90y_onGqyngWarhDLZG8tlRjr5W1LOHozXCGyoQzK3SJL7o6WjU7lYa29zrpSfBJEc6XXJPNiXYPUPgI3RQnWy-ZhmXMtQh_Dlilx1u52oVDuXCXisz9N8VgUdURZ90AvWMZixSNd-8sdVojqzk7Ejly72cvARoVbXwsKi4oH4e47i4Mu_KJhaleVuK79pB_c5XwmZa7FeOdp76OgTwQd0JWn--Ta6arw0kPeYi6s1qUkBrnZwbojXRl3WyUIKwoR5zn6-8Oi_QDPwzGfGRu5Jn3WcKBm0-hCEftE4dfpkT7_0KzPql1oWuxNsu_TwPFipaFGwpEEr46SKbyhqG3UsU1ZvRdlXpgklLWr3WxRPhBXnjj8I3di9DZpu7MhoZRaIAu0aCAVRcW40Qud_IK-cI9UmwfDDXy2t9-zdr3Q9zd7JTvL-jZzS2OKeX0TQ4v6OymJST8ZJ5_xJcyCrF1t8zT7qrlfAnobUcrzPG4LI6lYYkYv0mxh6EuISXnSV4TNwb4IerypjqQSvtn1GT8WWgn71HU0HGT9gzIKLH7P4W7nL9ve_IKtf7BzJV_8jcDy6rtvnJ1Iuco6lWLXPFgi90LAuoZmHDHn-imt0IDIK9LkV7q1Wed48u0DTyujou8pCaEcDaNYG6Jx5zGY1pa5V33KGZBHlyvwLNBww0n0opG9eDFGjApl-CIv4YxhPqNcFu8Euf89TR5NdIShsAaZUrYq9rIKD6d6yODL9-UlhWFQzrqoZxZUGqPaQuH-31xsSttXvV3_93u81s4QdLENFZzyt8OlMIBM2LoITyrYXOr6_19UnsD5bCQtw3uVaDgLXntJV583goLIcFEgm8zR62Fd8EwJ3GB07tVZkXX5flzDbuYeB-SuGKGefE_t-hyGjH0GvTWpfFcMqGobKXUr2uNxI0wA8fz3-SGBIUlDmdcrfyKB60Em5fiZBV1gUzKkVffYiEB-jvf_cJIW_f-qROC8awvQ5TM7sr-wejpfzHK6a-iC-EnvO8yXAN8gtzdvm8Yi4LvVds8zsrznjInB73sNo9de84c7x5_e1_2ixBLyK7h1MngZviv9k3L2oibEZ9UiaStepaUkGFrhX5Sex2UQSHp3ZIZkthDlIKCBsKYUvCRYdRH5k3xNFAQZq-MbHcrScQpgU9JfjuG-NCqk-b-7hfkvNjAE9cuuAVNpPQoAodtjGBWCO4YrGgSbHYcu2Ru2196Fx2oCETAjZXonEhXAZDoFK9GAiWAhdQNhsGMqu0-ca_tS8Dg7GU_NanynsAKbGvmOYQG9hhVDUHf83OJEykDgnC1JJSHA83SdQb8SXyt6MuXJW0h0hlIHKgmIsgDzvaGkXcI3ngJwyCVCuBO5l_MbPbjkTZYrRXyLmjS3MZgHCtbeyj1PRYt8RORV4Kx6Bmj6Aw2ZKZX4Jnl7tVDqD3hlxATaI9uxmm8P-d34-nn31mABQIdN-wibKSrB3xuon_cNFe3QPnhPlGs2gijWg8q22j5XmgwTnkRq6B45ujolm2-oSDuaFhR_ySysP0PQr5e9qXtl8fAxxz1MTfUanCm4L0P88PbVE4QA1oWT1iE8iSoV7MN4QYbKvMoEelFeeix1rVHiATdQ24WzrTJ3e0LJBqVLBFCt-zdAHf61bvnTw-ow3g7aS-WvXnW3QtUsTOpJoVYZOe-V2QMeykKyRiqAmNeNUlKDr1kCdK-z4gBoY6XCkN3Pe-ii6ZzY0tSpXtR0m2gZa_LVdusZ&cid=CAASJeRoIDMP9i19U8sO9GqeJadCaB48bgRroUioJXUSTEgt1o3guro&rfl=2%2Chttps%253A%252F%252Fwww.updatestar.com%252Fes%252Fdirectdownload%252Freshade%252F2471374%240

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd16297359b2b6e31d951746e0654be6fd3152157fdc706ab287bc760eae694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1094&idt=-M&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0&nras=2&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sc1XKDM4A9&p=https%3A//www.updatestar.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8C5D 3 KB
1 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C5D 135 KB
41 KB 99ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 8C5D 17 KB
7 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:01:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C5D 0
0 51ms
49ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtbZ509sbNSJyZrTaK0eYjYYWOlhw21vJXmH75rnmSVbf914X4uO0WDSJ2SLozKvVbaqfhMSezfIOwnYtPNKzguxWfHQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1653041205&rafmt=1&to=qs&pwprc=9600715268&psa=0&format=1200x90&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041205313&bpp=1&bdt=1094&idt=-M&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd72e2f6e32c624e5-22e421d699cd00d3%3AT%3D1653041204%3AS%3DALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ&prev_fmts=1028x280%2C0x0&nras=2&correlator=5867388737954&frm=20&pv=1&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sc1XKDM4A9&p=https%3A//www.updatestar.com&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C5D 42 B
63 B 91ms
89ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFyaORITqgWzW04qspX9VC2zONQ08PbEj3vqepHSL3vOwBdZIFZ2FciDSWxTZIr2ralRUoZIcAhMDu_jmzgB7pnNMDAFDazjH3P_jN-0Vyc_hiYts

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 6A5E 9 KB
4 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=8696530997&adk=2335003757&adf=2208971296&pi=t.ma~as.8696530997&w=1028&fwrn=4&fwrnh=100&lmt=1653041204&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204553&bpp=4&bdt=334&idt=171&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&correlator=5867388737954&frm=20&pv=2&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q9w6iqYCqM&p=https%3A//www.updatestar.com&dtd=186

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:38 GMT

GET
H3 200 7e8d9be85afe70328c144e2bd1bc7ea5.js Show response
www.gstatic.com/mysidia/ Frame 6A5E 8 KB
4 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7e8d9be85afe70328c144e2bd1bc7ea5.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3703
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 08:03:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A5E 8 KB
892 B 52ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:28:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:06:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6A5E 2 KB
904 B 43ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:04:04 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 6A5E 21 KB
8 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:02:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6A5E 3 KB
1 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A5E 135 KB
41 KB 94ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:06:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6A5E 17 KB
7 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:01:49 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 6A5E 30 KB
12 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 08:42:59 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C721
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

43 B
315 B

36ms
31ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGOqW1MMBMAE&v=APEucNXj-UFVxWq6FzBOwJ3gQ6x-ty3BsWzBZt4C3Lo2vLWnScZwGDTql71LTRbsdFhA6JhescpLVDZi3Ss2XPqZselccJb86xMwZPb6gB5Dk-XgmilckkVwJZO98JSQUsR7hGMWcKC1O_6oXAZ6ByLzp6S22nmLp3ovVOm6LWxQlj-bqBfy9Mk
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:06:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 20 May 2022 10:06:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C721
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YodoNld0NRHXGJQxEijmxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

43 B
315 B

31ms
29ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGOqW1MMBMAE&v=APEucNXj-UFVxWq6FzBOwJ3gQ6x-ty3BsWzBZt4C3Lo2vLWnScZwGDTql71LTRbsdFhA6JhescpLVDZi3Ss2XPqZselccJb86xMwZPb6gB5Dk-XgmilckkVwJZO98JSQUsR7hGMWcKC1O_6oXAZ6ByLzp6S22nmLp3ovVOm6LWxQlj-bqBfy9Mk
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:06:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 20 May 2022 10:06:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C721 170 B
232 B 140ms
42ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiMlZcDEOfmo5gDGOqW1MMBMAE&v=APEucNXj-UFVxWq6FzBOwJ3gQ6x-ty3BsWzBZt4C3Lo2vLWnScZwGDTql71LTRbsdFhA6JhescpLVDZi3Ss2XPqZselccJb86xMwZPb6gB5Dk-XgmilckkVwJZO98JSQUsR7hGMWcKC1O_6oXAZ6ByLzp6S22nmLp3ovVOm6LWxQlj-bqBfy9Mk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C721
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzMzc2OTA4NjQzNzQ4NjE2Mw%3D%3D

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzMzc2OTA4NjQzNzQ4NjE2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:06:46 GMT
X-Proxy-Origin: 178.33.144.177; 178.33.144.177; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 081cad5d-375a-48e6-9b00-e559504afabe
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYzMzc2OTA4NjQzNzQ4NjE2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 01C9 170 B
502 B 64ms
41ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYpKGfBTAB&v=APEucNXLq5oMQOfW6n2_rJ77K7D3t6g85eWB8w_AmANwe6F2uilecXZwjxHem6KqqPLf4mRTGQNmFlk05oBZsYGRud2Rt7za1wU9ZxxrgnD6wTgYNgrqz_9cydxqWqStCllgXKVpqro1zZQlY1nxyKOswLdXfe5GtfYis7gXIIW6Hj5P4OhCAyw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 01C9
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU0NjI2YjktNDMwMy0yNWRiLWQyYzAtZDgxMmNiMmRiNjM5

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU0NjI2YjktNDMwMy0yNWRiLWQyYzAtZDgxMmNiMmRiNjM5

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 20 May 2022 10:06:46 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU0NjI2YjktNDMwMy0yNWRiLWQyYzAtZDgxMmNiMmRiNjM5
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 01C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=&google_error=15

23 B
172 B

61ms
61ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&google_error=15
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYpKGfBTAB&v=APEucNXLq5oMQOfW6n2_rJ77K7D3t6g85eWB8w_AmANwe6F2uilecXZwjxHem6KqqPLf4mRTGQNmFlk05oBZsYGRud2Rt7za1wU9ZxxrgnD6wTgYNgrqz_9cydxqWqStCllgXKVpqro1zZQlY1nxyKOswLdXfe5GtfYis7gXIIW6Hj5P4OhCAyw
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 20 May 2022 10:06:46 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 01C9 23 B
172 B 174ms
52ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYpKGfBTAB&v=APEucNXLq5oMQOfW6n2_rJ77K7D3t6g85eWB8w_AmANwe6F2uilecXZwjxHem6KqqPLf4mRTGQNmFlk05oBZsYGRud2Rt7za1wU9ZxxrgnD6wTgYNgrqz_9cydxqWqStCllgXKVpqro1zZQlY1nxyKOswLdXfe5GtfYis7gXIIW6Hj5P4OhCAyw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 20 May 2022 10:06:46 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 8637 27 KB
10 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXq6-xqc2qmawiJFulTS5X8J4Ji6B-a0duUpcaJJWLvRY8rEUemmFbl4rWhOBvqInW4yp0ZADf2wrRxHxwVx_QZi1ijA&cry=1&dbm_d=AKAmf-Dxw2c_XpMC9kZACmTR-Cep_OdtUDppJiUK_x9h-7MardG0fIZwgP8G3wi_q5YwXtzQiiGvMAIOScGipeBADZaZt0QqQwnciXXyTZnsOf4fb1vQQSLdqKBbPREuprtV7kohn5T6yJNxlmBIt75Xmk6Q4Z09khpewMU74QN1zYaQz0irvazVcivoqA9d8UkrqUEpiynmewq7toLikRDFWtwOC6_Orat6gTvB0N1uMx5M6712KhDnsCL28rsCtKA5sUbHOCv-iNVeMwRo1GczsYexgKUcvubK63d4_iegDvAuFPtofJNNF8yCjGnTvXcqqcj3dJV3QuAONBBar6kH2SXvfQKetJmpf2P7DwpiLNhRLnP3W_1NXSjU85NOj7rY_P9hk2T4lq-_0NOLTdV8SPyfP0cbNxkP13dCXh3NipeykgSYGS_YfyfC5fzvOGKnwd9bXRq5sZgFVLon1ZNThMVQ3g7XL0YR7Nus1tcyUhg3eaNLZZZD926QNEmpW6RWxcS0ZF2oIJfQKRfpaV0OIPfIiFqYH8CiOV8g7llU0HvjOX4cFdzYxz6-lj_xQ4grOGMgDsHvvi878eLe7d48getCxKw65zWptz3V1Tl-exEGgHcqXkeUt4ZYATfxtRJEeSN6RtZvEu5K1fIBd74GHTmzjK3gHR8LlMB4bytTeg2mJm2PuqoT6b2nEeI6tj2Rxnyptq-3MVvNwEsxk_QYDTfCqADwNr-jA6jkEtGafJ6DRsTCDRDZ6Wa9q8zgEqdtDufZ43QbIgqf8_j8yBkQYsKoxwBpOXjlDY0dXnyG8APhzvA-ubKcYFGYbgD_CWnItN4iBjmuxwUVMuMbqK-sA5pbcSLcqnjPRJTQmMz_qa1uF0czS_RfanKzrXO7B7XYfORVzC6wQQpNDA6LkVhqH87WrKGUj8yCo75EHqNvAaGjVcn2f_8HJWS9rXpaqDBYz_1y_DHclgtcqd-6wb9PUOtA-YpVAASjFU4VNp9CEpfqBhbsEBkIrdUGgPOT0jjYG9VSftQUnEXYvJjfUKjJdSgzGRJjylz_Meo-lNvuMawsyGg5rLq1p08ikWb9H1qUbLtI3SAhhCdxVSAg-I7rJ2vLeREwKOq4KCPilSVKIykY2wPslfUBJ2WjyfTFQzPO1pj6YrHM_59UOX9fOKSXOT30jO-PMm_WIXXdsEhcqCJnsw-TtaLzwySuxzEDgKKWuzWGOhBCB-NgxnUNW2ZOS-ty5f-SmGDGaQ8PVK0Zed120-IkJX2kveyQaDbXBOk3ahzgEzBZtFqVevB4_swFl42uRbBOs10iqjfFkPQfvo1n0a93jq5yAVX1icdYR9HbVvseDw05NF1_y5IPQaP9MG4qGdcBN2R7iqLPSFsyv1jiTwjeK45R9vTn6HeaCtKVu_Nr2UphvMf9tXKB_Qi6qzLcAGtUtVmt63m5_F3GFk3t2CDieXCg8yHKC9vQjFF3LAeJsn8zpmAPv_2tWF8mk8Kc0lRkensxupL2Wa4hVJH8ZL03qLOcKtFGmWmqbipJebCzzilr_FT6mAWDcEoqW-KnzzZtuYpiEKWEhwkOdZKgKf4R45Yd5iAH0btY3mey6s6mRUg3LPIJ6o6q4m1OnxiWGXU8neng7I4dJrEvzmkAl7kiTEPy9kxhzQfvNfZpPQsHt3tZfLqzkRHxC4VFgKN9sC9TY-V8wdiRbxGaWlH1VrABECavza6lhxmdKoEjIAaTZORMQ7Hn10j_un0i98n0kc52VBjVhzKyOnwe3UA4tVsPl6qi6egqqj_uy9g-LcaSWxsxwjwakf4iRgGRY7jzBwfxoLT1X6QKSrxh6cMwnD_m8VQzsNkYjv9YkhujlxDoBysXrUinJBf6k5dPI2luEJgiNKg_EOiEi3INVzm6VI5uB7XRytJRaFArcoRmOmcFtbyoiAwbl8bwqZK73H3eGNkodlB7FLcnQKQe4AleTNnZ2lYU3VvlB_t1vjD413I1kZe0PZaXHqq-AGI39QhRGZIBZ9OxN9WAaJ5bqBtaxZbXnTDUmSRGHn70Gf8vVB1WIhaLNn-M82HQc1QIUvxsB2eUhy-aqIfMPeJ06iyQfOkwWaBfMqb7lPYTxT0XDERpXpQpkAQqsuBWV6N52Gfy2fMXO0C2uxzQb_ppJJj2C3u0A9GckrB3CWAIRAklmhGDS8Ew2GS7lZ9WVbGWmKLj1QOd7kew0QIJRZw7YcLx4gFhnO1Vmfj9TpwjOba3uo_Cud8bMZZnbuyXGAyxeoJXUyNozSnR-oat3sKjDidj5yu82uoYl7LO9M0CXPCNqiaYJ4oReHVKhx45WQRSr6NwU86yaRfFK7Jj1j_QzfNJjVPYMAlquzWP1oTcFTG89qPVYj6lC5xoaYqZ1yB5sGNTMcVXhF0SrahI7eRFEP0mjeINwnOEcT9JD-dMZsqoZkIB24VRMtio1X38Hju-W9wexKU39KLWYJU8hs_f8CQQszFZgBgvi2s8qpkNdhplhB4Fjqpb2R4RK0QWK4si9b8RXpgyt_rBpdRAN4BzglN8Ql0J3uBRrrQ6YgLOnZf4uiTZvjCS-3Dt3vommmmABaUFFIHuvkfOTjrXZ6jd_arJo_Z1ERO2LLajBLHn5G0PznuBdygHkZ1r28Pfi1BHjw0JgI7Mthhc27ayMGZQJtHgjCPPPlEfNl9Gs-xTWLGeTTDgCTX4PdZoHKWc3CwhD6A10ket8yZPBtJIPFrA_jn0gXkgB5uwN-a1EhtHmtMrhsRPhpIzOeR4Vp3SfFoPWt8iuaYhn8ZDi6OMaF5gV-Xg27ROBIYGo53drMjhXnGw-dIUrZZxL8woAwk6EhVxXzAwYvmKUsJgSFNthZ0f5zsClvqVP8gKBaZJN95OOBLeuXDqj9FInIe6KG92TvlGGvWxpmF_pgZzamwyA_y3Mn53JC6waomGofgK5PGvgnn_ebnABkvS9CP0fNpCH1Cl6NVUz21vq3OcYlkgzaMONsFnYhy17pInWrWQhu_Yo1qEGuqElet4oAEZNkAo6_NJ_eVbHCHRQSdNpQtsVBpb3n16Vq2eYif2970dZj_tP5VGBM-6lHcuPsUbTGHxqwdQRDOxrA6bd_RyGFGHxzne_cifbuDI0snoCvRvSKWRY6jLVJ5JgjkzE8AwjPB_8ibhN-NyHOaXNRGnJTfTFcIgtGDro2APOrDqm_Rv6LpZ8uf0E6WEbhmf&cid=CAASJeRoK3Dosiyk8virq4ZjDRtALNDO6gFCvjU4gVN3AODJkjH9DJg&rfl=2%2Chttps%253A%252F%252Fwww.updatestar.com%252Fes%252Fdirectdownload%252Freshade%252F2471374%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:39 GMT

GET
H2 200 3288026877594172120
s0.2mdn.net/simgad/ Frame 8637 61 KB
61 KB 110ms
34ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3288026877594172120

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47ca400d81b93f33e0469eade0b32f9eee4969ef7ae038c8d6999c5fb0c239d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:59:00 GMT
x-content-type-options: nosniff
age: 331666
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62244
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 02:39:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 13:59:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 8637 8 KB
3 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:05:46 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8637 0
622 B 147ms
67ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZUaeR2UegjjK78sbUaA-OvXtsdj-Qn6P1n6Tk4v3baLX2TVA5AB7AMpt1VWOBDvQwpl_mA5TgI9S9drp-fcacyaGhL7ez8MK7T8ub7il9l1LnoGk0uVGGfZDb1arsTK9dite8B-LRQ_7xI28bviwm4mVKpGCuc-1GS0Bs5Lb49jCtT-O2JlYw10_o9CgLuAZS3ZB246IfGrRWdq3vQwoOevgq_XJNhlP_KNr41kH4SjhJEc1TeNsYJ0R058pNdJ4SXwKCG3B7hAFp-3MLagwEUJ7_xBKMs1YiUKPMuj4SOItU3ekhBWsGWRVLsu767lptcd7sddS_8ttcNFdT4iS4fT-RW-f6h2XpmS3fVPErYiS_cNh7EsPUWyrMB0kgspzmXnn4NBcoU9_ZKvh4BBVmrlUbTcLTAUijrcwtJ4OrGp4INI83jSIiDdno8XVXiHle1cfwcdih5J9DolhDBgbIbRu0y1uy8nKtjiniEOIOq0Wg1JUE2Qdc-JKy6KNE78yIi_DgKTS-jyZeL8BEAb3VdlJl3gRXiGJArTg-AqAhcp0y2TKyDbqJAjEWOhDxCKepgM6EqgjYFu4vIEL_u3TJ-tkn0hqCRk1zZowlo9s5kTE4ASFqU2wat7v2548HVrMVDqF9uGl__iJ_yyOoMy1WJDTQFMwUcUHzuRKeI965aFDYe3NorF4zf55gbtb38XJ6vqGu9Pblh2Wbl1pzZT-J52iXNImPkCXffr0K02EIUq67UWSS4qSLjXZfMLI7oyY-tPGCAcRwOWzkh3y_WpnPTbBI0xAlWUujS30-8nWVvlxeX9JRn-do4cfRfS9XdBdL_6QySeABMiWpXqLvErDgh_G84tCHVYJdQE6_7FbK6adr0Y-ad5j12JD5Ui33498vCqaq4JMnzPADGx2lPnC0L4nlHCLaKzDmSMwgpCZqgoRn2b9LF6uf4zo01RJfqGrNKMGi2UckU_aM7tlNryzSZ91vAKnaae74P7btq2bBlk_Z06VtdRxSQoh6Voif1PHUmTZ2dAH4FYCOwO2Lj3oRhBvK3woSKLEgyR4-q98LqZ5lzSl53KX2HxTW0ta58W76bY9ToPIOgxOqGgipsb5ESj6Qq4OCg7TNz3w4ZnnkTEbqNFpwIhnULhQpgG_wsoz5NdaH5ummMgnWuSXE4PfuiyKFu-Dkg3b1zoumdg&sai=AMfl-YQkinPI3mkog532SRlf489_uu2GaZvzKFTkFwPkKBrG1xCCxqpuv2SEDAHrAebpi8dNjq2Q6KEijiOgpmGd-oSid1JKUIIX_8IuiMwj5JlwflGtPp1ylsEqVd9V65Z_Mrkwi0ffGndua0Mm5O0jT6rr7XD8msNlnzrGb4D5UXfkQcQ7eHSV_U7w-dtAKiKTdHPbRiTclBcngWDTXdoZeHuW&sig=Cg0ArKJSzEXyq6UFNN40EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220518.74968&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 20 May 2022 10:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8637 41 KB
15 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A5E 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Chh_LNGiHYr3DMtji3wOfspSIDMmy7fdp-7KataAOq5T0_QgQASDWtaUGYPsBoAGN7OTZAsgBAakCzj2AF0Q0qj6oAwHIA8sEqgTzAU_QmpszJ1QIStdfD2sV0229qZf3iodnIynYdz8RcfGVTOIuH-6IHeWbYW-8O4a8mS3Cdmexw4Rr9r47Y5dCL4QVbkKEJ5LebcJAzmJ5grgfmHkpGlMPoO-0wTnRAy-3c1D8bL8T8WXRJE5lhJ-_MsJaun9arHNdcRwycvirqT1V8SLnMwKIdw7gMSoVl8WI77tjBHYnQfjP3f_x1iMrlOs2DIoscU21BSEHNjYhTLX06WkSHwclxd5EY8x1vsOg4j68Sian0OWQZ90kuh2_F4IDbGPhzcMQgZwkSDlD9QtWr6O81cC-qKU8pjDCq2fmzgHg6cAEoMCdzOYDkgUECAQYAZIFBAgFGASAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQsJAH0ggJCIDhgBAQARgfgAoByAsB2BMNiBQE0BUBgBcBshccChoIABIUcHViLTQxMTg3NjU3NDQ0NTUzOTcYAA&sigh=3MdZr4nN4ug&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=8696530997&adk=2335003757&adf=2208971296&pi=t.ma~as.8696530997&w=1028&fwrn=4&fwrnh=100&lmt=1653041204&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204553&bpp=4&bdt=334&idt=171&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&correlator=5867388737954&frm=20&pv=2&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q9w6iqYCqM&p=https%3A//www.updatestar.com&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 20 May 2022 10:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5831 143 B
163 B 31ms
30ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=8696530997&adk=2335003757&adf=2208971296&pi=t.ma~as.8696530997&w=1028&fwrn=4&fwrnh=100&lmt=1653041204&rafmt=1&psa=0&format=1028x280&url=https%3A%2F%2Fwww.updatestar.com%2Fes%2Fdirectdownload%2Freshade%2F2471374&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653041204553&bpp=4&bdt=334&idt=171&shv=r20220518&mjsv=m202205160101&ptt=9&saldr=aa&abxe=1&correlator=5867388737954&frm=20&pv=2&ga_vid=86970508.1653041205&ga_sid=1653041205&ga_hid=1001956168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067629%2C31067655%2C21066430&oid=2&pvsid=1446157209565466&pem=227&tmod=1451266048&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q9w6iqYCqM&p=https%3A//www.updatestar.com&dtd=186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 09:09:34 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 8C5D 27 KB
10 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaWq_U7PZ9Q_9LD5mztQaaM0UE2_XNwnpVlfiZ3qvT0qlL0uGqRAlpv2dDRgDNErsp5JyvLKfVCWPgUWeZVgp0LjTOTcV_9l8-Rg30w_119oMnSK3fF_zjsI28O1GcGqLqlaDZx5v-uETf30naWE7s-Qpq5g&dbm_d=AKAmf-A_IO36S0PDxB538hq-yzqn5RJnmWhw5jmTyBTZNh_ftNlAonhfJ5hgxdHbIgB9ghcjxau1r6ZayGeIQTE7y0BruBmaWr3Kdf_8nnq1bc7alkfoQIYK2CEytF-OBzS5RcLUsxHlKSlDAwazdQeOSJCBtx1F0VGAPENAWsUopMofUvENQ4BBZhJDezdLbDAqulYyHB7SF9y5l2ZG72lqaeCvUq7PT02WHFdALv8GmzOioZxlJTGsDi9ix5zBgwDIJ6f59oFxVe6NNmnCXxpWQ9lSOc1C4JZEi_heEhWQoq7zj6vfxQGPrmTSqS6pHU-YGiSaKS2McwUTtuw4UwzTLQAn0FRj8WUTQRn75UwcYnytl0fBPVUMh-tQIwcUIYfml3KsFeizS5mr37rdbbdnZGz_rpt207QjyAB4F3GGt9OUvL2esCnlu8gCG2RrpjFPwokBWWTLwcMEdDjnbGSFmKuQDoPpkkbZBBmo_JGeVPf39W2CT2DWVBFT1GYtxgp6EYDviRnfyu7_5wzrqyfYRc065bZtaKwhOtSwtF4qSGvhcfMgp9_UETuczUzMZXrFU_N9Q4AJ5hRfsyxDk5an3h43t1Ia8aSmbn5vQW8AESg5DE_tOiur-t7doxL4tHFQ9j4sxov34z64g1eUnB0jePAKUwy9YA6IaTi9EQJb3dbEkG5fGTX7McU3FKdP5ThleOKof3LCRpob05BpbPS8pDNNONB37oAy9Fg8z0EVX6aVv5ZL7bRkRUtui6f8YB8H6sfacLUATcCGBbgRWjKdYh-D313rfYpcyeFzw6dOSC2JPWGrptR7jgRsGU0ntoC6217q6t9wzMj66qMLlkW-4yUk8BoOFoCbl-T1rNe0jpJGYbBPdlaNKm0vGn2S7kVb25oAAGgpn3hXvIy4eP8Ie1PcdXSuQCF73H_abewFI3V6w6DqgA84KiX3nqAmFBFC5gziDwXx6wujoe1xelaZEwDP9BrT4M9EHAgrzsv9J5lqkP6D5F2tUWp54n8-cGxA-M4nz-oJPv8nIeweV8yhclb6hiZQjlxwJShpvTTvN4yKgwQmIWhJO0P8bAL5TnQ6TdLP0dN3jvMzN903e2pI2_oU1E9k1d7RzOJc-F8gE9XNb7X4kf3WYsn1bcRNnYFcc_GHBQDplTdFKj7uSqkEm5uRhGNlt_BVkrTbDfJQfH8nSJOJTPcEScxqs2_jgYkptyuTdNWvdu4dztE-kIBFbfz9so0M_jBALt3B_9M05IlZ5YohxBU7l5tMMXlX9chbx7Ivi7IvvIYA6IrYZLcZ_mnpxtWr5HruG6ktcoUl-WoARQCAXCG90y_onGqyngWarhDLZG8tlRjr5W1LOHozXCGyoQzK3SJL7o6WjU7lYa29zrpSfBJEc6XXJPNiXYPUPgI3RQnWy-ZhmXMtQh_Dlilx1u52oVDuXCXisz9N8VgUdURZ90AvWMZixSNd-8sdVojqzk7Ejly72cvARoVbXwsKi4oH4e47i4Mu_KJhaleVuK79pB_c5XwmZa7FeOdp76OgTwQd0JWn--Ta6arw0kPeYi6s1qUkBrnZwbojXRl3WyUIKwoR5zn6-8Oi_QDPwzGfGRu5Jn3WcKBm0-hCEftE4dfpkT7_0KzPql1oWuxNsu_TwPFipaFGwpEEr46SKbyhqG3UsU1ZvRdlXpgklLWr3WxRPhBXnjj8I3di9DZpu7MhoZRaIAu0aCAVRcW40Qud_IK-cI9UmwfDDXy2t9-zdr3Q9zd7JTvL-jZzS2OKeX0TQ4v6OymJST8ZJ5_xJcyCrF1t8zT7qrlfAnobUcrzPG4LI6lYYkYv0mxh6EuISXnSV4TNwb4IerypjqQSvtn1GT8WWgn71HU0HGT9gzIKLH7P4W7nL9ve_IKtf7BzJV_8jcDy6rtvnJ1Iuco6lWLXPFgi90LAuoZmHDHn-imt0IDIK9LkV7q1Wed48u0DTyujou8pCaEcDaNYG6Jx5zGY1pa5V33KGZBHlyvwLNBww0n0opG9eDFGjApl-CIv4YxhPqNcFu8Euf89TR5NdIShsAaZUrYq9rIKD6d6yODL9-UlhWFQzrqoZxZUGqPaQuH-31xsSttXvV3_93u81s4QdLENFZzyt8OlMIBM2LoITyrYXOr6_19UnsD5bCQtw3uVaDgLXntJV583goLIcFEgm8zR62Fd8EwJ3GB07tVZkXX5flzDbuYeB-SuGKGefE_t-hyGjH0GvTWpfFcMqGobKXUr2uNxI0wA8fz3-SGBIUlDmdcrfyKB60Em5fiZBV1gUzKkVffYiEB-jvf_cJIW_f-qROC8awvQ5TM7sr-wejpfzHK6a-iC-EnvO8yXAN8gtzdvm8Yi4LvVds8zsrznjInB73sNo9de84c7x5_e1_2ixBLyK7h1MngZviv9k3L2oibEZ9UiaStepaUkGFrhX5Sex2UQSHp3ZIZkthDlIKCBsKYUvCRYdRH5k3xNFAQZq-MbHcrScQpgU9JfjuG-NCqk-b-7hfkvNjAE9cuuAVNpPQoAodtjGBWCO4YrGgSbHYcu2Ru2196Fx2oCETAjZXonEhXAZDoFK9GAiWAhdQNhsGMqu0-ca_tS8Dg7GU_NanynsAKbGvmOYQG9hhVDUHf83OJEykDgnC1JJSHA83SdQb8SXyt6MuXJW0h0hlIHKgmIsgDzvaGkXcI3ngJwyCVCuBO5l_MbPbjkTZYrRXyLmjS3MZgHCtbeyj1PRYt8RORV4Kx6Bmj6Aw2ZKZX4Jnl7tVDqD3hlxATaI9uxmm8P-d34-nn31mABQIdN-wibKSrB3xuon_cNFe3QPnhPlGs2gijWg8q22j5XmgwTnkRq6B45ujolm2-oSDuaFhR_ySysP0PQr5e9qXtl8fAxxz1MTfUanCm4L0P88PbVE4QA1oWT1iE8iSoV7MN4QYbKvMoEelFeeix1rVHiATdQ24WzrTJ3e0LJBqVLBFCt-zdAHf61bvnTw-ow3g7aS-WvXnW3QtUsTOpJoVYZOe-V2QMeykKyRiqAmNeNUlKDr1kCdK-z4gBoY6XCkN3Pe-ii6ZzY0tSpXtR0m2gZa_LVdusZ&cid=CAASJeRoIDMP9i19U8sO9GqeJadCaB48bgRroUioJXUSTEgt1o3guro&rfl=2%2Chttps%253A%252F%252Fwww.updatestar.com%252Fes%252Fdirectdownload%252Freshade%252F2471374%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:03:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 8C5D 8 KB
3 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:05:46 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C5D 0
64 B 71ms
70ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseMEbzHJ-LTmeA7UgqJPi9sRf3GQ1wgtdBivMOcWKnFovUKgDKmcm_bQbdS9Gq1_9E-sNHV0wy6w_cG2zfqXf7Yq_ibYQKgX4d2GQ2zUBJ5J6TulK5jHKMTFaGnBU5Qfg_U6MFHUPfZC1sdxYzgirHpiX4CrsqPOagXYdLr6GKHQ1XMY07v_N7NUPQg_fbO60rRzx5I3VRDtRfXs7XzsdTS2lKTb1sTt4kPKh5oONfh792eqJc8DAO_FcYT1eq47Me9JLp1DK-v9IXDfnNON-k_e5pzHLRPUbboSQkghplix7aSYJCVtIvqj9C6pfuVp2lCyd6ko99Du_8B5gy9VUg1O7AHp5JQfAgikAcgxwHaCIDYiiDbrbDqZkZs5ts-EaBz6di1baVNZnkWKKGcmdern5n_FxGNC3IBMexocgS0MfA7YsoyDpgaisPlG0lq5K2tjeNzRuebJyTqW6rJCjiInaBwdbfMR_Vo-Kw9VL0_aQ3RtocKgVig77oFLl6hGrfJkxZNWGtnlvTbWZFqgTSydiIvtUf2vH93L8oEbyTybC_sSSCjtUuoyWVCy5-xBZA3cmmoTZlHlJLJeg8VcO6gCk_doNVNWJvL6bF8hvrKB3O_Qa5bv5wkZEze4qPxoxfiIVc7wEOjmOK0ZYTwL5auK92hWWApsxtLxWmjEagFG9v-_Cf75TJdNFGruW7cO3Vu5-5n97NPNC7i5e4TTuP2sXTmBk_E6F4g1nd3uafCDvkThiJw0bdVlLUMJXpwpw3fYCB1ykggLo8Xda_Xg6KytdA0J3uzxYvJu-5mlonMHi3iKwok3WqjH0XJFGUnWinAuWWOB2_zHZh4NSKgSBid6Sfnhvy_wnhAcV113ISfE9VLBFWgGZUbaQtLvV3I1oU-DnduwuUGEhKbTTDVXvceybiQuicTOhHZNxrJII0Iyp6wyP2HRjZlEBSgLDElkZZtYpIs8YdiYEEchrVmto8HoWT0_t5rdcyFctLNr9hk10VTwiVTo7cUSuZRLDbxYfPagwQL20TiZ2WNSI7mov1reyJvxa0X8Mfla-TJbDQOXYWvK1j3e16HpeMxnxdKfgDfsm-YqpCcPx-Y5weuXXxhElKbjTK_CeCS3wnb-OrU-tGru6eQ_TKpgibK-792S_TELrFylT_jfxIXEqnHH5nkL1-CbVHxiMCTmLOUw&sai=AMfl-YTU7j7bKwpofx8NK-er5aEBtHBt8XlYlbpQvc-rCmJM-0wT2P_56wZepAkIomXDnBjACqNmdTVJYQdm4bNTNM0bveZNTm8wmJw9GRmDxWbqjxnTpjPL646vc-Tp3eD1yBZ5rLAZOdigsfuTlX0zJGsncxUBYeojSiZLTixUnpCvmu7lqKR2XMraCcp_JTBhDKpQc7aEnMzikU_gZR3CykIa&sig=Cg0ArKJSzB2P7xTodQk0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220518.74216&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 20 May 2022 10:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C5D 41 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H2 200 2164804169028230538
s0.2mdn.net/simgad/ Frame 8C5D 25 KB
26 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2164804169028230538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc89a297477cf2cb84cade8935901317c32efc8d723e4ed0b8aa376b3fbbe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 17:23:58 GMT
x-content-type-options: nosniff
age: 319368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26034
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:50:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 17:23:58 GMT

GET
DATA 200
OK truncated
/ Frame 6A5E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 499fdf2a463786ea380e20a7ca4083b217c5f7842891b731cb15164b8d55e8d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D23F 1 KB
749 B 28ms
27ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 74434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 20 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8637 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc45413c08d03dfbe57de6bf6d1d949cfeaa9516ffe9322d1f5be967fcfa0cab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8637 0
26 B 117ms
63ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 55D1 22 KB
8 KB 26ms
26ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 166693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 6A5E 28 KB
28 KB 82ms
28ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 215586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4A6C 1 KB
749 B 26ms
26ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 74434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 20 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C5D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ee80535e609cc2acd37b3e87ca535c5e66216b1a34ccd26981ffc5806e14f73

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C5D 0
26 B 65ms
63ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9897 22 KB
8 KB 26ms
26ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 166693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5831
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

97ms
96ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 10:06:46 GMT
expires: Fri, 20 May 2022 10:06:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 10:06:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame D23F 35 B
464 B 89ms
30ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLQht_aKi16EbE1_C_m1ro&google_cver=1&google_push=AYg5qPKUUBqQBk-X9zQzUQ0Vw5Cxiv07FgVpJmsrgp4qwpoEJJrAkNnWMbEgE_1L9GBI1_YXPod1cP7dH_OyF4YS44D6YP35KB3k

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D23F
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJmPECDNOfRD2_Jq-dQt-2QZoUbqv1x-dCGdov...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9kb05nQUFBUUdmSGo4eQ&google_push=AYg5qPJmPECDNOfRD2_Jq-dQt-2QZoUbqv1x-dCGdov2sbOh6F6ETtAHTXXO8v3f5E6YaK5fT_qJd6Chh-Q6rMNc9wefZifdbOI

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9kb05nQUFBUUdmSGo4eQ&google_push=AYg5qPJmPECDNOfRD2_Jq-dQt-2QZoUbqv1x-dCGdov2sbOh6F6ETtAHTXXO8v3f5E6YaK5fT_qJd6Chh-Q6rMNc9wefZifdbOI

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9kb05nQUFBUUdmSGo4eQ&google_push=AYg5qPJmPECDNOfRD2_Jq-dQt-2QZoUbqv1x-dCGdov2sbOh6F6ETtAHTXXO8v3f5E6YaK5fT_qJd6Chh-Q6rMNc9wefZifdbOI
Date: Fri, 20 May 2022 10:06:46 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D23F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJHpttH...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJHpttH...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDAxNTczMjkwNzgzNw%3D%3D&google_push=AYg5qPJHpttHUBoz3BFxXpJrQq-zxKCpir9XLXryYFBNlC6uPN4ejZZZeHhSjH8Y7mr-p9...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDAxNTczMjkwNzgzNw%3D%3D&google_push=AYg5qPJHpttHUBoz3BFxXpJrQq-zxKCpir9XLXryYFBNlC6uPN4ejZZZeHhSjH8Y7mr-p9vXjwxZhic6ATlRxAAgH5hV25P9_aU6

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDAxNTczMjkwNzgzNw%3D%3D&google_push=AYg5qPJHpttHUBoz3BFxXpJrQq-zxKCpir9XLXryYFBNlC6uPN4ejZZZeHhSjH8Y7mr-p9vXjwxZhic6ATlRxAAgH5hV25P9_aU6
pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 20 May 2022 10:06:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D23F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECq7lRMpA_lgvFQVEXdc1wA&google_cver=1&google_push=AYg5qPK7dDZmBNI03AfmkSPbPjxyRoWaY1BbuOwcScjxZ-C0vGyn4IY61THIZsrbWUASxwrcTQjxgLgbqeH6934f7PHfysLKQYHL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7dDZmBNI03AfmkSPbPjxyRoWaY1BbuOwcScjxZ-C0vGyn4IY61THIZsrbWUASxwrcTQjxgLgbqeH6934f7PHfysLKQYHL&google_hm=Vn9_TyPywlEhVM4c0tZC4w==

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7dDZmBNI03AfmkSPbPjxyRoWaY1BbuOwcScjxZ-C0vGyn4IY61THIZsrbWUASxwrcTQjxgLgbqeH6934f7PHfysLKQYHL&google_hm=Vn9_TyPywlEhVM4c0tZC4w==

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:45 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7dDZmBNI03AfmkSPbPjxyRoWaY1BbuOwcScjxZ-C0vGyn4IY61THIZsrbWUASxwrcTQjxgLgbqeH6934f7PHfysLKQYHL&google_hm=Vn9_TyPywlEhVM4c0tZC4w==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 5sc7jtp3kvm1vmaee2qetl0ub86rdhqc

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D23F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBWzMVA3SReZCXjORG65qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBWzMVA3SReZCXjORG65qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK1zCMnCReSNoaaVTkRxSBePfaSuVs_lVo8nzQ1g9ipc1LZuydBTmqeJu7QP2aSl3b0I2QDmp4zgS_Gx8b3x1Ei_O2_kLjP

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBWzMVA3SReZCXjORG65qw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK1zCMnCReSNoaaVTkRxSBePfaSuVs_lVo8nzQ1g9ipc1LZuydBTmqeJu7QP2aSl3b0I2QDmp4zgS_Gx8b3x1Ei_O2_kLjP
date: Fri, 20 May 2022 10:06:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D23F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELhG-3xV4osdP15jC8m8FIc&google_cver=1&google_push=AYg5qPKLx1oUqCdt9258n2eT0NAA5CEnsysDTVKOgK2E0TR39erK1y7tbtyR2W4kp_c8XT2gdqc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkMtMVYtS0ZZRg==&google_push=AYg5qPKLx1oUqCdt9258n2eT0NAA5CEnsysDTVKOgK2E0TR39erK1y7tbtyR2W4kp_c8XT2gdqcurOyniFRq4sHS9esDncfDDnQc

170 B
188 B

38ms
37ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkMtMVYtS0ZZRg==&google_push=AYg5qPKLx1oUqCdt9258n2eT0NAA5CEnsysDTVKOgK2E0TR39erK1y7tbtyR2W4kp_c8XT2gdqcurOyniFRq4sHS9esDncfDDnQc

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkMtMVYtS0ZZRg==&google_push=AYg5qPKLx1oUqCdt9258n2eT0NAA5CEnsysDTVKOgK2E0TR39erK1y7tbtyR2W4kp_c8XT2gdqcurOyniFRq4sHS9esDncfDDnQc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D23F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_push=AYg5qPIagr9DUAwVbNGUMogiCPiPEFk6TEVpz5SR4Mf0QdpMP2qomz9pCWkF7JxaPsgci_VltQeEFNZYf1sYeOUk-O...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_push=AYg5qPIagr9DUAwVbNGUMogiCPiPEFk6TEVpz5SR4Mf0QdpMP2qomz9pCWkF7JxaPsgci_VltQeEFNZYf1sYeOUk-OXT97k7aT2O&google_cver=1&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:06:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_push=AYg5qPIagr9DUAwVbNGUMogiCPiPEFk6TEVpz5SR4Mf0QdpMP2qomz9pCWkF7JxaPsgci_VltQeEFNZYf1sYeOUk-OXT97k7aT2O&google_cver=1&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 20 May 2022 10:06:46 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D23F 0
12 B 35ms
33ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaTK3_FpG9vVgfuDpDV_WApQBjbUnrZrq0FbJS_xgh-yTTWXcjYaf66CtiuFXfJQ0MEgKl

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4A6C 35 B
464 B 75ms
29ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLQht_aKi16EbE1_C_m1ro&google_cver=1&google_push=AYg5qPJhxWtECO6tQcIYveiD6b9yStz8VoqrIDVCVQARk-CRGHJNJ5-bVCA_LQciD9dAAqVIcdXioSHQAw0ySI6p0Jsc62XYevhV

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLBk5JA...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLBk5JA...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDA1NTY3NzA0OTM0Nw%3D%3D&google_push=AYg5qPLBk5JAyZ-G1UMamtMhGC51ckuTzcliCP0u5r007-CW_8XP-kG9VUM_EbtNqVIV0_...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDA1NTY3NzA0OTM0Nw%3D%3D&google_push=AYg5qPLBk5JAyZ-G1UMamtMhGC51ckuTzcliCP0u5r007-CW_8XP-kG9VUM_EbtNqVIV0_MX7iyghAkIFxb_K9bUMzCjZx13znA

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjAxMDA2NDYwMDA1NTY3NzA0OTM0Nw%3D%3D&google_push=AYg5qPLBk5JAyZ-G1UMamtMhGC51ckuTzcliCP0u5r007-CW_8XP-kG9VUM_EbtNqVIV0_MX7iyghAkIFxb_K9bUMzCjZx13znA
pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 20 May 2022 10:06:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELwL3Eigd4Jb_rqk0jv27fM&google_push=AYg5qPJHgbbwHNkksEjnN5JMm98SHLkHwpcATG_z3hVHqLPurmNnuH9pSFkiTUpKOgVFkiRAqb5UhJB-9s3WW0fUdjKSc1D...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJHgbbwHNkksEjnN5JMm98SHLkHwpcATG_z3hVHqLPurmNnuH9pSFkiTUpKOgVFkiRAqb5UhJB-9s3WW0fUdjKSc1D38bdw&google_hm=MTA4MTI4NjEyMzIxMz...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJHgbbwHNkksEjnN5JMm98SHLkHwpcATG_z3hVHqLPurmNnuH9pSFkiTUpKOgVFkiRAqb5UhJB-9s3WW0fUdjKSc1D38bdw&google_hm=MTA4MTI4NjEyMzIxMzY2NzQ1NTY

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJHgbbwHNkksEjnN5JMm98SHLkHwpcATG_z3hVHqLPurmNnuH9pSFkiTUpKOgVFkiRAqb5UhJB-9s3WW0fUdjKSc1D38bdw&google_hm=MTA4MTI4NjEyMzIxMzY2NzQ1NTY
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECq7lRMpA_lgvFQVEXdc1wA&google_cver=1&google_push=AYg5qPI-OCjWwG-HJb0Cf23yMp8ZExdWbKPG7hyO5cqUFehL1lUvYFdBiLcfWETbVoSGv6MHrqPBpk7Ne4az6mwHrKpp-9_L5Zvi
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI-OCjWwG-HJb0Cf23yMp8ZExdWbKPG7hyO5cqUFehL1lUvYFdBiLcfWETbVoSGv6MHrqPBpk7Ne4az6mwHrKpp-9_L5Zvi&google_hm=Vn9_TyPywlEhVM4c0tZC4w==

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI-OCjWwG-HJb0Cf23yMp8ZExdWbKPG7hyO5cqUFehL1lUvYFdBiLcfWETbVoSGv6MHrqPBpk7Ne4az6mwHrKpp-9_L5Zvi&google_hm=Vn9_TyPywlEhVM4c0tZC4w==

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI-OCjWwG-HJb0Cf23yMp8ZExdWbKPG7hyO5cqUFehL1lUvYFdBiLcfWETbVoSGv6MHrqPBpk7Ne4az6mwHrKpp-9_L5Zvi&google_hm=Vn9_TyPywlEhVM4c0tZC4w==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 4uan5mbk5u3slbrjun4ftfaj4lj68cil

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KF2FIPw1SvSKyOybdNAscQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

44ms
44ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KF2FIPw1SvSKyOybdNAscQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI5RGWgWjwEqYytDUqoXTbrWnxM3OIMv5EoqGorezsovsbLTQ4AkQl7wniMGZo5p5oxkLvSXvVNuaz921Cc9KhCuvzeWDVN

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KF2FIPw1SvSKyOybdNAscQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI5RGWgWjwEqYytDUqoXTbrWnxM3OIMv5EoqGorezsovsbLTQ4AkQl7wniMGZo5p5oxkLvSXvVNuaz921Cc9KhCuvzeWDVN
date: Fri, 20 May 2022 10:06:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELhG-3xV4osdP15jC8m8FIc&google_cver=1&google_push=AYg5qPKSQpEcIWWx5JCYJk8J0NiHNvmVgpOYF9cbvUityr-cZm4GN_iMENYJ5EJKsL7O5KL7yyn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkctWC1EMlJR&google_push=AYg5qPKSQpEcIWWx5JCYJk8J0NiHNvmVgpOYF9cbvUityr-cZm4GN_iMENYJ5EJKsL7O5KL7yynDtlzcS2e8N1O1wuM0lQknxrQ

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkctWC1EMlJR&google_push=AYg5qPKSQpEcIWWx5JCYJk8J0NiHNvmVgpOYF9cbvUityr-cZm4GN_iMENYJ5EJKsL7O5KL7yynDtlzcS2e8N1O1wuM0lQknxrQ

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFQTFYWkctWC1EMlJR&google_push=AYg5qPKSQpEcIWWx5JCYJk8J0NiHNvmVgpOYF9cbvUityr-cZm4GN_iMENYJ5EJKsL7O5KL7yynDtlzcS2e8N1O1wuM0lQknxrQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_cver=1&google_push=AYg5qPKqA2xTmt62s6YqU0A3-_l9eiQu93FbPpfaRiYQzmE68xQCRJhvZ5tTS2gkd7az3BDZdm4n...

170 B
188 B

44ms
44ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_cver=1&google_push=AYg5qPKqA2xTmt62s6YqU0A3-_l9eiQu93FbPpfaRiYQzmE68xQCRJhvZ5tTS2gkd7az3BDZdm4nLxSopfNTlgQ78zUtZ_WWJg8M&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:06:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YodoNld0NRHXGJQxEijmxQAABI8AAAIB&google_cver=1&google_push=AYg5qPKqA2xTmt62s6YqU0A3-_l9eiQu93FbPpfaRiYQzmE68xQCRJhvZ5tTS2gkd7az3BDZdm4nLxSopfNTlgQ78zUtZ_WWJg8M&google_gid=CAESEKh_lrQv522XmysBlAoN5Jo
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 20 May 2022 10:06:46 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4A6C 0
12 B 36ms
34ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JV8Y3Hd6bIRSz7lYfixh4u3zwP08kM2hjjJjQI6ZvPjAtZItUW4J9f7TtH_B6EDPAIz779

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 55D1 35 KB
13 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:38:03 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F0AD 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsve4PcXHZjIuYuTxtPtnQSJvHaI9Cc-fzZ52qnZIlhykx92K2HpHzHYyY_ao09x1kkWnNhxLrnEa56QYvJAUQOnEjibV6IOgIb8oOco7z765-3FLhMXQSUalQ&sai=AMfl-YRisWjqYyxn0SgBkbhCRpDdqqoCFTVDFD2j6CU8kPVO-YRA4XFuRBNC_kYpW0qlmUqh2fHbSWHWp3TTt_WAP_KEzF0LYifEbpRfcA0Gwrb9S1yVjwPoaesoPDlcd6ZM&sig=Cg0ArKJSzMBP2LGZCIqtEAE&id=ampim&o=286,136&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=241&tls=1248&g=100&h=100&tt=1248&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.updatestar.com
URL: https://www.updatestar.com/es/directdownload/reshade/2471374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9897 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:38:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 94ms
39ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6718fce37ef57de5b129b6247023c03d8a9cc3f18465db44a6b57d2dfae5f8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10610
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55D1 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgjqsNWiHYpagM4q03gOkmILAAgAAAAA4AeAEAg&bg=!V1SlVBDNAAZ4vKt9WLw7ACkAdvg8WmxPEMbwWf_qW2OUWRosmDHAqr1-Er2cEypp909BqMqn2jZWLgIAAACpUgAAAAJoAQeZAulpgXQNnG1KE-kOwa_7UW-iuBN52e7UK9olxQo1_ygsPkRs3ByT2hDPMSNuwJ_PBP4gRvHpzEz_2kc7OTri0k9NNaq1YdhkXuDOZ1rjl-lSN52Cf7q0n3bv72H6CUcOkU3NPn-hf2mKUzDcvo7MdrWGEMU3hm-2G6_weowzokadhSFelyp9IKzyqnRadvatourRUN-M0aBBftngKuYYJ-bhCSgXjaFMI2uHy1Mj2QI8PClw1zbZ8vEVIZh8mqZtCnAHi5g8U5fZtvL6RUM13aRByq3p0wxKlZOb0QYdx02n19CfXS3OrftvW6T9t9-lWZJ0yEit5Y0nCV3HbFiwYGqS0xdXqp_3QZT6V8Mpx1EcqQ5a_G_mRIsWMlQXc9kY0s9LPJHtZMvD8UEWwo5fwgq0p4Sps_R7jR0NtSnZ2wfIJXFyAGNqvvW0SSbOc4DFqec-XnR6kzgmubklPkr-yc6gGHx4woFhircfbLqnVuPFKHLrd54n99Vg7utVEEq_bEZM7Xk8m5DvFNW7p8abjTNdL6RSaA54DAKRwsdahTT5hTCU3OJMB6CqMpkvmrVUBVtbbXf5FWLp8qhk1skBfyOIXwyqzI5iAFj3F3nKeoKSMj7miCjWI4UZ0d0tqe8bCaDGvGuxrVJgHdxuxCFHQ4imAtya1Bn1h4qCo2ddIk0V37GdqWnmJxTUzgsHoBjJ0xDZ8LzmLfZrxfWEEDWgywPuSjHd3ktdt5b_2hCLJdraPe8my0_yoVazoKU28pjkBoDM0KyhyvvYx8K01q_mgNVlZxDsqfT5tjrdWOVNmbTRQMcgvelS-_K4LE0O4ejaVtl1J2yWsg9frapO6GHG0P2UdXFayTl4tdEKzhSh8GlCW3ir0B7EeWMXbkQ6IZojt34cgjsgZKtbEjfvvZAL2wVoyk5nmBWbcfwhukkaUHm3_iSiVgYA7wyaLr87QNQz-UEognixvlw5XYFzappqoPzKogN3gX84gIGX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame BB65 35 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:38:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9897 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSpTaNWiHYpLQNYqIgAfi9bQYAAAAADgB4AQC&bg=!sLOls_fNAAZ4vKt9WLw7ACkAdvg8Whxc-MDX0zaF3LoV_Imw-xVpi2KTHhdrdpoEZvCx5gUWaqy04gIAAACrUgAAAAJoAQcKAHcqLT7XI_EeNH_ptSZKcfAmUjJ3tpLNfFjaePYxhL4kS2PYk8IbUq5TGoB89SlNHDdYTqJrJjJ_QPK_H4k_RXK5l7_O1ZYRUfKDqe9-l-eCiDdAtg3dweexT2bOQJv4XTloFw_pJW4xn96ZoEZSL_yHppqQq8FGFpkC6A39I3mgyunSqUFKg68g0BU6DI-NHSrK9Z2ypFoeBb9W32Y2C3JjOCC_3-u9U9PNNqAXJF0V7VU7Lgv0si6XXPHONLEkp3en20xWxvkTvjdKyHLm-8v15gBjYlmsBKEZdxcf3XVbGDUQnWja1i6jJSJloMZ5S7E9ycjtOmLTl3q10Q7-BYO9Wi-Y0ZYEwQTkcHYCLzV4z-AcBonXqzCCGK5Vn9oNAYMapkZlcJxrOIrzxp8VlobAeXWFtGRI_vlg4DT16LZyGgNwJWwRjvheq9slsIbzl-z6EcDzWSgvvbX66o8c1dD-X8TqXcfEwtD3IOvVanrOBpJQWap5aL5F35KieWYTS-YpL3n-MNkau2STBLgEoBY_FcE0vTKCtJPC4EM-kl3PokANkn8xr9hSbEQ_vV5C-WKiWUn6mZ1_2CC7EwprUGBfsxmGPY_7v2q2kTA0Wunnp0QjYL_V340hyt27KIRTfy4BScBCPZEXIXe2pL7KIaFd0iXgByQNKeVtfJXgnEppuarPXYC2AVpWrmc_aEnEPxyZ6X6Chtx8i3TKr7Aggr-Zu9J9x0_YfpZHEnPU4KIS6tPpYTMnScJfNczBFQyIdS-QPCabJFF-Cw7sIUPyQozC0Qmmg7mK4T1NYwGODerwOoaFzdeTLLLrqoKCuxGHgx_AX745Jgw1XlIS9syPveMhmptl3QGbUI9TxBQAmNc1I9O3FyW2K0yAAnPc5feAVWPiBj3W5WUJptl0YAkl6IAtBZjyWU00eV221iv2nJGIlcOVmS0xJfIPNT54XQTmLqyMWfMCiROiFd5RPBFWPNDdb0biDVXdd8t90AM_U9SPcRI8XlamIQdCjHEZfriJeEBtACPTrI5JV3_NnPTMrtz4gbG2iRUaEDdQvhqxc9eRRqtvF7DwReyqEjOyZ3LPBtOcp52uicl8IAb6a14aYqpo-gCIli-L7yARfgr3nRy7rhQLAIi3tdw4eA_7VUoe14b5wg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:06:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE68 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 2230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 09:29:36 GMT
expires: Sat, 20 May 2023 09:29:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 57C9 783 B
533 B 35ms
35ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40e91ca5366808979aff9ca55552f3dfcd1122f3fc1bdbcaba5c4a4790920fd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vIMpOnlgBl0qdrf8WpAlkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-vIMpOnlgBl0qdrf8WpAlkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:06:46 GMT
expires: Fri, 20 May 2022 10:06:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame FE68 35 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:38:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 57C9 0
0 132ms
131ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051701&jk=1446157209565466&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35A7 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukoNZ6GC1AUzbffgkQoEdRHIhAOEOl8zESibHseq8T_g307AxwjtLX5lRjjYbjPlK9pFldXTIc_GHt3YbLDDf7gSUJtcjy6008siWrdHOOFjVLor1kJr-1SUFR&sai=AMfl-YSGp1iNhXOy3QA8A94E48IByg9WY9xmhzJ3bLaGse_x8F2BDwBOuW1MK2VRXd4XT9Ip9CGJLxdYhGiO&sig=Cg0ArKJSzJ75toBV4nW6EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=112,708,1001,1126,1126&tos=112,596,293,125,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653041205373&rpt=282&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE68 0
9 B 28ms
26ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6gTRnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:06:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051701&jk=1446157209565466&bg=!trWltfHNAAZ4vKt9WLw7ACkAdvg8WnArMT4MNx4uXH25zDP-H4Lk1KZcT7OS2CtDdIcbrlEPx6lGigIAAABrUgAAAAdoAQcKAF2xnIXuSPWWaaEVs-8K-tYGJsPF7Pv4jAsK2NI_16tqsExfvOMR5zOwstusMfZu-OGfJT_oY9FRKQzlk2klT-1G80jqOlvorjKMMI1l1NykGz_AiF6jPbBW8fuKvtGZAq2x4hQQL4RkuYh_hUbO1VkavQePrOtxJpA3gNxLeeDLRhGw6pYuAWhuTc47vlxnAKTkR6EX8bq17xNm8lUs3JNNC14pZm4Qou-TwBEmTqzkZE69diVfWi_IwlHBaWAp1zqTJXv3Y8JMeIL9gD1wkhb2n4LasW2PNm2VmdDjzis-qa96TkIJZki23egs1vcA82m33NCIpO2qffXJylgp8jUyPb2JMQkVIxVDJO-6wGqV0LOTRBDbhq7zh54tfziX_vWOgg-GWjBcR_uX0w_-IBV0aSWdROn8nCU-GY4yB-AGt_tTMzUuHOMqTRRVoL1w0tBWfxY_KeNWhNg3IS-qNgS4ymm4M18ON42Bs7_OXBKsGuJkE6xvzJn77k9dbMlq2XyvnfEBk6uGXH4nhMEjf8wRMNnE5cMLq4y313BANVOe4pZPZqQgb7jo_sT5xzdOkDZSI2_0_Wftmkm8BVh_u70pXe32EJXK0LqpTmc6JqIocIr6X4Kf_5nwz8ZSBo89-0Uu3wxkwJza70HLzuMbFd0uyIKbGzi1k_FTFqdHol5fevrHgMq21cwemXniNGqUTNYUEclf9XO4PuljX9ndlFRvCGIXMGK8SPMXejhGmLled9MPRfhhOZI4Wd3GJqxVrubTnZZI_ozrdgS0ozsoZqGYIb0orBsW_otKPg10tr2S9GPptHuXMBMuQbo2EUybSE5eAhHQjCteuwQ587Ue4JZA-j_spoaUaK0nEKY7LmCl-duYSWB-UZorUTOiNVMDOvS7qj5xMu9IxLpbS3Mn5ZOP_fEKGc2ZR96Q_zveG9ouhtBla7QDfq9F8UMfdb9QyeENo_wWO8L_t4lKTecP4lrzT-naWf2rVw92FqObLp879gjcHE9SXvRNOAtXHXY9SL0DOqqC28PEmCMzzc7H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.updatestar.com/es/directdownload/reshade/2471374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A5E 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuWZOph_fYLEwwCRf5yoNklqfd7wK8rsY86t_PZXx9MXWumg1jMmYPvHyM-Iy0WfXl8_BdeOE2T1PqtZkd4W1S9SBCndHEGZbgeR8-BVOHrLP9KUIbUpl7ZfP6&sai=AMfl-YSIt0vnFjes_nLWm1iykP9no057jQaSxuslsgRFFG7xwisWJ81MboRblzPNws0scJfO3EUUiDBFuvTn&sig=Cg0ArKJSzFDdIQIcY3nREAE&id=lidar2&mcvt=1000&p=0,0,280,1028&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2335003757&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653041204740&rpt=1745&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:06:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.updatestar.com/	1970-01-20 20:41:53	Name: _ga_QYZVPCNV1D Value: GS1.1.1653041204.1.0.1653041204.0
.updatestar.com/	1970-01-20 20:41:53	Name: _ga Value: GA1.1.86970508.1653041205
.updatestar.com/	1970-01-20 12:32:17	Name: __gads Value: ID=d72e2f6e32c624e5-22e421d699cd00d3:T=1653041204:S=ALNI_MaEUJqAgQHWtf7nnY6UPdvYyo8jEQ
.updatestar.com/	1970-01-20 12:32:17	Name: __gpi Value: UID=000006832dd5fda4:T=1653041204:RT=1653041204:S=ALNI_MYOkkRoeRqoQnTGP1rE8S_RoDdYQg
.doubleclick.net/	1970-01-20 20:41:53	Name: IDE Value: AHWqTUn4ky-AQhn3eqD9t5PsqmjdtLVEF-a-oQUzLjmkfYbxAXV6vi7M6ucvJqWH-Fk
.doubleclick.net/	1970-01-20 03:10:44	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 05:20:17	Name: uuid2 Value: 6633769086437486163
.openx.net/	1970-01-20 11:56:17	Name: i Value: 5a85ca2a-23f3-4488-9df6-4a4365e84ba4\|1653041206
.casalemedia.com/	1970-01-20 11:56:17	Name: CMID Value: YodoNld0NRHXGJQxEijmxQAA
.casalemedia.com/	1970-01-20 05:20:17	Name: CMPS Value: 5169
.casalemedia.com/	1970-01-20 05:20:17	Name: CMPRO Value: 1167
.casalemedia.com/	1970-01-20 03:12:07	Name: CMST Value: YodoNmKHaDYA
.casalemedia.com/	1970-01-20 11:56:17	Name: CMRUM3 Value: 2d628768362760
.quantserve.com/	1970-01-20 05:20:17	Name: d Value: ECkBCQGXJoEA
.quantserve.com/	1970-01-20 12:40:55	Name: mc Value: 62876836-4ca20-4f144-2df38
.mookie1.com/	1970-01-20 12:39:29	Name: id Value: 10812861232136674556
.mookie1.com/	1970-01-20 12:39:29	Name: mdata Value: 1\|10812861232136674556\|1653041206333
.mookie1.com/	1970-01-20 12:39:29	Name: ov Value: 521e6199943897213c79a5c932421d6e
.e.dlx.addthis.com/	1970-01-20 12:40:55	Name: na_tc Value: Y
.pubmatic.com/	1970-01-20 03:12:07	Name: KTPCACOOKIE Value: YES
.addthis.com/	1970-01-20 12:40:55	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 03:53:53	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:53:53	Name: na_sr Value: 20220520
.dlx.addthis.com/	1970-01-20 03:10:41	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:53:53	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 12:40:55	Name: na_id Value: 2022052010064600055677049347
.addthis.com/	1970-01-20 12:40:55	Name: uid Value: 62876836f03503c7
.addthis.com/	1970-01-20 12:40:55	Name: ouid Value: 6287683600010d1ed951addcd0b740a242b822b92d3a760eb17a
.pubmatic.com/	1970-01-20 05:20:17	Name: KADUSERCOOKIE Value: 285D8520-FC35-4AF4-8AC8-EC9B74D02C71

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-4118765744455397&fa=1&ifi=7&uci=a!7&btvi=3&xpc=3oJAsXoyWi&p=https%3A//www.updatestar.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e8ec56d1ae57b557712a4ed2528a853.safeframe.googlesyndication.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
news.updatestar.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
w1.updatestar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.updatestar.com
104.90.192.27
142.250.186.130
142.250.186.98
172.217.16.130
185.33.221.119
23.35.236.247
23.35.237.56
2604:7c00:22:3:4412:50f:c03b:1b31
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a01:488:67:1000:5bfa:5108:0:1
34.98.67.61
35.227.252.103
35.244.159.8
52.214.225.206
69.173.144.139
8.28.7.81
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
071859fb3e9c665f3a1f0db8cef4c0f4b611396ac5d7623f0162d774dbfd75de
0a670af432122e3764c4158dc266777f44759e2f7fa46eb3be9da908db1b1c5c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140aed74a8039cc990606d83d6e9e307991f88e212203d0006324f9a788de078
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1ee80535e609cc2acd37b3e87ca535c5e66216b1a34ccd26981ffc5806e14f73
20eead7e17d56b571a5ee1cf2d1c7f6ca79bc672fcd01b6e2273a3ec8973033b
26b7d66f5365fc4106d97bd0e796c21decc09ad3b96afe831d7c0c7ba7b4e7f7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
3728c4200575ae429059881bd337d80412973989b3d9dcac88323dd8696bebe6
38fd859bcbbd6cfac90958b3ec0ffe155f5eee9dd8a2f58f934d3cb41d97b924
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
40e91ca5366808979aff9ca55552f3dfcd1122f3fc1bdbcaba5c4a4790920fd0
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
43b2257943be91be0615226096e672fe5a57b4171989e66cc100e32a7d3c3b15
47ca400d81b93f33e0469eade0b32f9eee4969ef7ae038c8d6999c5fb0c239d3
499fdf2a463786ea380e20a7ca4083b217c5f7842891b731cb15164b8d55e8d8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a626d8a0f2354474262b088c3a8a8013115856031d7aa2fb62c4d8926c8af24
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66fded86d5c88131bb971488b31a15ef3fd5a349f0d648e6f34c3488c97099d3
6718fce37ef57de5b129b6247023c03d8a9cc3f18465db44a6b57d2dfae5f8f2
6a599aafcbae80428d4c60edf27ce01525abaccd98bb93d79a11d998e083a7d6
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6e16cbeacdbd2d1154e8249a41bc885b3778aece5429cf3f619a9d3b71175a35
72cab38d2c79b7dbd91f290f71aac2b1cee28865ae3f72f0c6a54e9df76c154d
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
79f23a519a36b83e5c340adae2d851a2823acbeb450e2995047ca157db403ef6
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd16297359b2b6e31d951746e0654be6fd3152157fdc706ab287bc760eae694
91c8b82c7fb728069e9d74374685ca27795ec678577ee4c6acc6aff344ecf5b0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e1a0e894abc05b2a059b358748058b6bcf54a81e265b01226a2e2dcbeae5829
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b0c24d345476de0dce12ea497ad5441b42fb6b67f53e759aaef7987f6a1d2f
a840a4d4e10632a52f6e535281be12304036c383888db1cacb2d11cb62fd4d65
acc89a297477cf2cb84cade8935901317c32efc8d723e4ed0b8aa376b3fbbe6c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5d583c427f0e29d696894a5eee256b28ecddf01e09ef766a882164a5fc70ca8
b832270f87c81a57b0a00f71c092f1817547ac3faf640973ab21ee8657597054
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bb83b9dd8cdea1c7829136b2dca181b7424d3c8b18a6ed8207d96da614e03274
c276bb98937d9ecaf38d3442b7e5f2c765badd42a83d9b582a2b405de033ef95
c95d5f04773972bf06871d102ca2d5b977dbf9adae371b817b56c088e27403ec
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cd7e155cc1a97d339ee280ca2b48faf49066403eb3a83956acdd797a1783032f
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d7f9e773df58578a31e39563a1c27d77a2818d2f54491b28b0dc6991d20e8ab2
daa6dcb911eda03514228566816bb4a44d722a336df4aba0976948a44f8db6e6
dc45413c08d03dfbe57de6bf6d1d949cfeaa9516ffe9322d1f5be967fcfa0cab
e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79b86b0e4240344fe9c2a45b621862d35117ee64350eedf3a7d6df0bd7a00c0
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ee37b643cf3a2df01f5eec9d5e90ae0b8c9fa384632aa111d783ad16de299bf4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
fa6b48a06e42c5cdc782f588d5efb0a3e5fadb71300ccdded852db11541d0ebe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.updatestar.com Open in urlscan Pro 2a01:488:67:1000:5bfa:5108:0:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

89 %HTTPS

58 %IPv6

23 Domains

35 Subdomains

24 IPs

4 Countries

1683 kBTransfer

4429 kBSize

29 Cookies

34 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.updatestar.com Open in urlscan Pro
2a01:488:67:1000:5bfa:5108:0:1 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

89 %
HTTPS

58 %
IPv6

23
Domains

35
Subdomains

24
IPs

4
Countries

1683 kB
Transfer

4429 kB
Size

29
Cookies

158 HTTP transactions
5 data transactions