participant-v2.tirokdo.com Open in urlscan Pro
2600:9000:20eb:7000:19:2400:a080:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Submission: On January 13 via manual (January 13th 2023, 4:19:41 pm UTC) from FR — Scanned from FR

Summary HTTP 130 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 26 domains to perform 130 HTTP transactions. The main IP is 2600:9000:20eb:7000:19:2400:a080:93a1, located in United States and belongs to AMAZON-02, US. The main domain is participant-v2.tirokdo.com.
TLS certificate: Issued by Amazon on October 8th 2022. Valid for: a year.

This is the only time participant-v2.tirokdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2600:9000:20e... 2600:9000:20eb:7000:19:2400:a080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
3	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
4	13.32.27.28 13.32.27.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20e... 2600:9000:20eb:d200:13:b126:2dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
3 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:206... 2600:9000:206e:f400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
130	25

27 2600:9000:20eb:7000:19:2400:a080:93a1 (United States)

ASN16509 (AMAZON-02, US)

participant-v2.tirokdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

code.angularjs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net

oldy4rchtk.execute-api.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:d200:13:b126:2dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.tirokdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:f400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	424 KB
30	tirokdo.com participant-v2.tirokdo.com www.tirokdo.com	1 MB
20	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	125 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	144 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 292	66 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	25 KB
4	google.fr www.google.fr — Cisco Umbrella Rank: 14679 adservice.google.fr — Cisco Umbrella Rank: 24460	2 KB
4	amazonaws.com oldy4rchtk.execute-api.eu-west-1.amazonaws.com	11 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 702	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	145 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
3	angularjs.org code.angularjs.org — Cisco Umbrella Rank: 58800	8 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1592	788 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 593	916 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 521	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 728 s.tribalfusion.com — Cisco Umbrella Rank: 1773	1 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	460 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1028	724 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 636	465 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 954	576 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 679	444 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 301	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2725	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	694 B
130	26

	Domain	Requested by
27	participant-v2.tirokdo.com	participant-v2.tirokdo.com ajax.googleapis.com
17	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	pagead2.googlesyndication.com	participant-v2.tirokdo.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	fonts.googleapis.com	participant-v2.tirokdo.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	cdnjs.cloudflare.com	participant-v2.tirokdo.com
4	www.google.com	participant-v2.tirokdo.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	oldy4rchtk.execute-api.eu-west-1.amazonaws.com	ajax.googleapis.com
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	www.tirokdo.com	ajax.googleapis.com www.tirokdo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.fr	pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	participant-v2.tirokdo.com www.google-analytics.com
3	code.angularjs.org	participant-v2.tirokdo.com
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	sync.1rx.io	2 redirects
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.fr	participant-v2.tirokdo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	participant-v2.tirokdo.com
130	35

This site contains links to these domains. Also see Links.

Domain
faq.tirokdo.com
www.instagram.com
www.linkedin.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.tirokdo.com Amazon	`2022-10-08` - `2023-11-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
show.morii.com.mx GTS CA 1D4	`2023-01-07` - `2023-04-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.execute-api.eu-west-1.amazonaws.com Amazon	`2022-07-20` - `2023-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Frame ID: 3AEC68C95474F75BB481D6FEBCF756E8
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: EAD7AD89861A378B42EE53073B253348
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&adk=394062055&adf=3360478686&lmt=1673626776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626776656&bpp=4&bdt=544&idt=310&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8107816801218&frm=20&pv=2&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: 4E50751885AFDC0DABB69C98CA66FE97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: BABA948315F7157F3BC3345E1FDB15BD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: B6A3A08EFDDEE4B3DE5A5C26E90D5965
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6DA6E20B56E3764BF79891EB48F1E445
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34227269DB43F8AE6A449065D9452A1B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16
Frame ID: C8F6A20A5E2919994FCF32A31DE90508
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22
Frame ID: F4005F3FA37447232DAA8A35D7CBA04B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: 9A29835E55F123B1EE4EE349395A7C69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D08D13BECB0CF24EAD63C472AAF5F3A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: 7A8EC6B2AAD7B1F3FFCE15E6361AF4E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3F715DA21A383325421C0FD7EA26D192
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: AD54ACDCEE7DE7EA37AE8FCA8F06269F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

letter-userletter-emptyletter-writtenSecret Santa Cogiceo - Tirokdo - Espace participant

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

130
Requests

92 %
HTTPS

66 %
IPv6

26
Domains

35
Subdomains

25
IPs

7
Countries

2080 kB
Transfer

4495 kB
Size

26
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://faq.tirokdo.com/fr/
Title: Foire aux questions

Search URL Search Domain Scan URL

URL: https://www.instagram.com/secret_santa_organizer/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tirokdo/

Search URL Search Domain Scan URL

URL: https://twitter.com/tirokdo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tirokdo/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIcX2053n5c3ss5a8_SmeqE&google_cver=1&google_push=AavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcX2053n5c3ss5a8_SmeqE&google_cver=1&google_push=AavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 105

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED5QqM1wLmvGKeGs9YdUy1w&google_cver=1&google_push=AavPq0P8IdUj7sSJ5UeU5JqBR9f-gEZtj-bYP1l1DPBdly3AZjX3DBrEUf7yyRqQY7OLHmmSqW7xiz66DvhYcsnZX16q7B0h6-SLEe4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED5QqM1wLmvGKeGs9YdUy1w&google_cver=1&google_push=AavPq0P8IdUj7sSJ5UeU5JqBR9f-gEZtj-bYP1l1DPBdly3AZjX3DBrEUf7yyRqQY7OLHmmSqW7xiz66DvhYcsnZX16q7B0h6-SLEe4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P8IdUj7sSJ5UeU5JqBR9f-gEZtj-bYP1l1DPBdly3AZjX3DBrEUf7yyRqQY7OLHmmSqW7xiz66DvhYcsnZX16q7B0h6-SLEe4

Request Chain 106

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_cver=1&google_push=AavPq0NB0h_aGS2slcMzvveTQxEsp_DnAfgqEyTxylk7Nvdd5We6baiQD5zPZ32z_6OzVyUJ2kG1QycxVrur_LMyMenFHfTzQG8zI3U HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_push=AavPq0NB0h_aGS2slcMzvveTQxEsp_DnAfgqEyTxylk7Nvdd5We6baiQD5zPZ32z_6OzVyUJ2kG1QycxVrur_LMyMenFHfTzQG8zI3U&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0NB0h_aGS2slcMzvveTQxEsp_DnAfgqEyTxylk7Nvdd5We6baiQD5zPZ32z_6OzVyUJ2kG1QycxVrur_LMyMenFHfTzQG8zI3U

Request Chain 107

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEErYM1ShnFzyzDGX9NECyuQ&google_cver=1&google_push=AavPq0O1yO6VIiKUx7pVAMPhK04I0ocB-Zo7xECKfJv__OPUhax1KX5NT-Nn5CtQoovBoWUW-vzbzLIvLtZaw5Sth77yUe65iJeJR_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O1yO6VIiKUx7pVAMPhK04I0ocB-Zo7xECKfJv__OPUhax1KX5NT-Nn5CtQoovBoWUW-vzbzLIvLtZaw5Sth77yUe65iJeJR_s

Request Chain 108

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEN9-0m7JcBHJ9LN1Vj9JYw&google_cver=1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1673626779472 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4c712d47-235f-4d7b-99c1-551ab2860954-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ%26google_hm%3DA0xxLUcjX017mcFVGrKGCVQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ&google_hm=A0xxLUcjX017mcFVGrKGCVQ

Request Chain 127

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAavPq0NCzOGWc3Vm0Dzb7E2IbaFTMsCCdYLyjsmqiQB1kolD_BG74CYIfXANLUb5yeOvWyFYiY3j1vTsrJSd3ZKbO1MaGQFjOA&google_gid=CAESEFNXoTyVIryGmdNmnW2_BlY&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJuJhp4GEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BYXZQcTBOQ3pPR1djM1ZtMER6YjdFMkliYUZUTXNDQ2RZTHlqc21xaVFCMWtvbERfQkc3NENZSWZYQU5MVWI1eWVPdld5RllpWTNqMXZUc3JKU2QzWktiTzFNYUdRRmpPQQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTEJCUkdEYkFHdE92Mk53aGlSbmtvakxlVERMdVczUTNSS3dfbmg5dlQ1Yw==&google_push

Request Chain 128

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEL2QPlT-s7wnBqgtP4gOj1Y&google_push=AavPq0NMoqaBdC79-rlRzDg9qMwJGLkuFmAnPH1sm56Vt5210TkNdbsh3ba6-yXEGIt_jPPvVs3O8ZRmJZWQmtiufgjuxMUykw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AavPq0NMoqaBdC79-rlRzDg9qMwJGLkuFmAnPH1sm56Vt5210TkNdbsh3ba6-yXEGIt_jPPvVs3O8ZRmJZWQmtiufgjuxMUykw&google_hm=MTA4MTQxMjc4NzAwMDk1Mzk1NzI

Request Chain 129

https://rtb.openx.net/sync/dds?google_gid=CAESEOxspkMiaf7jZazjDmvCqNc&google_cver=1&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEOxspkMiaf7jZazjDmvCqNc&google_cver=1&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA&google_hm=UA3arIj9xRA5cgn-A3CVzA==

Request Chain 130

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMuJK1KHiOHK1qsFncVg_AY&google_cver=1&google_push=AavPq0NYn4jL1bSOvJZ7ExI3fhfYrRDK8urQcJYIy_b_KpFjpt_6CU8NLeiYNpaB-F5emlAKiYZ0AZUA63l-cxeU6vqKHCIRhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NYn4jL1bSOvJZ7ExI3fhfYrRDK8urQcJYIy_b_KpFjpt_6CU8NLeiYNpaB-F5emlAKiYZ0AZUA63l-cxeU6vqKHCIRhg

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGqmBrdFx18gr5Yh9Dw6C9E&google_cver=1&google_push=AavPq0Pr7Y80JgHOhHNt7eQGSZ3vDC2xQuPUUsOejAFfJUQAQn-B2luNGoM4_TWlK3WTXNl-IHnShKinFIhvaC41GB83k7wuOm0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVUTY4Nk0tMUYtR1lQSw==&google_push=AavPq0Pr7Y80JgHOhHNt7eQGSZ3vDC2xQuPUUsOejAFfJUQAQn-B2luNGoM4_TWlK3WTXNl-IHnShKinFIhvaC41GB83k7wuOm0

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPH8DsawGZXP-80SUQOb9yc&google_cver=1&google_push=AavPq0P6fDizYgUnvdm_lGVT5fM-CD7oTT3SIX_Yx0K61EpRTZ_BAh9tb43SdkSgPgrWU3yCNa1LqYqoH10Jc5mFf6RFdqLIRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPH8DsawGZXP-80SUQOb9yc&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0P6fDizYgUnvdm_lGVT5fM-CD7oTT3SIX_Yx0K61EpRTZ_BAh9tb43SdkSgPgrWU3yCNa1LqYqoH10Jc5mFf6RFdqLIRQ

130 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
participant-v2.tirokdo.com/ 29 KB
9 KB 120ms
36ms Document
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 71a31961a9189a38bc4d1be0bd850cc36ef292beb45ffbfdd6e3ecda94b9af0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
age: 5
cache-control: s-maxage=10
content-encoding: gzip
content-length: 9241
content-type: text/html; charset=UTF-8
date: Fri, 13 Jan 2023 16:19:31 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-id: tCPFfs2gBhReLKm4cK3HlslJkjaJzcuCfl-3ZqQNNPW_JHczdmfoHw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-mod-pagespeed: Pagespeed
x-powered-by: PHP/7.2.34

GET
H2 200 A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_aweso...
participant-v2.tirokdo.com/ 307 KB
56 KB 133ms
116ms Stylesheet
text/css 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6669cdde2766105a9f79aea00a979ec749fddd8c0311f6e6a25b0adc6e7fdab1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 394194
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 56631
last-modified: Fri, 13 Jan 2023 13:51:23 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ViBe4xfsGJ6RPHU2xl9_bx5-O9GB2yJcayUTF0Wig5ztEMu56UmVEA==
expires: Sat, 13 Jan 2024 13:51:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 110ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 14:36:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 16:19:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
679 B 110ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b5f43a98e4a9b8d03d599594db018b3df4e3681eadb1ddcf7d21c0d13ae3ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 14:51:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 16:19:36 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.7.9/ 172 KB
61 KB 403ms
40ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f936f9af51ccabd30a4138b9cd6da587e73290022be18fcc8c6217d712e9900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61983
x-xss-protection: 0
last-modified: Wed, 27 Nov 2019 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:36:43 GMT

GET
H2 200 angular-route.min.js Show response
code.angularjs.org/1.7.9/ 6 KB
3 KB 112ms
20ms Script
application/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://code.angularjs.org/1.7.9/angular-route.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

59391e6f90191d7fec0da706486885dcd5f7f07bd085fbf4535ba29400e4b177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Fri, 13 Jan 2023 16:19:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2723
x-served-by: cache-cdg20731-CDG
server: Google Frontend
x-timer: S1673626776.218553,VS0,VE0
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 788bd49c4f794e3dded1f37787a24ccb
cache-control: public, max-age=600, s-maxage=43200
function-execution-id: qleqe4d7arbm
accept-ranges: bytes
x-orig-accept-language: fr-FR,fr;q=0.9
x-country-code: FR
x-cache-hits: 2

GET
H2 200 angular-cookies.min.js Show response
code.angularjs.org/1.7.9/ 1 KB
891 B 112ms
20ms Script
application/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://code.angularjs.org/1.7.9/angular-cookies.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ea446350a3a4fbeaa3cd46f59e18cb49070a4601180186442e2fe5baf9c81cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Fri, 13 Jan 2023 16:19:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 787
x-served-by: cache-cdg20731-CDG
server: Google Frontend
x-timer: S1673626776.219004,VS0,VE0
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: dac8946876546578e4ad8642d0f18b38;o=1
cache-control: public, max-age=600, s-maxage=43200
function-execution-id: 6khl022ycqtc
accept-ranges: bytes
x-orig-accept-language: fr-FR,fr;q=0.9
x-country-code: FR
x-cache-hits: 2

GET
H2 200 angular-sanitize.min.js Show response
code.angularjs.org/1.7.9/ 7 KB
4 KB 112ms
20ms Script
application/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://code.angularjs.org/1.7.9/angular-sanitize.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9e77bd9c5943d378cd99a57d0d3f4db39d570a8a5ba2584d5a5f02dacdfbf6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Fri, 13 Jan 2023 16:19:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3660
x-served-by: cache-cdg20731-CDG
server: Google Frontend
x-timer: S1673626776.219028,VS0,VE0
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: c2ce4aac59bc52b6dac2b3324a04e231
cache-control: public, max-age=600, s-maxage=43200
function-execution-id: upu5uhm9z1pc
accept-ranges: bytes
x-orig-accept-language: fr-FR,fr;q=0.9
x-country-code: FR
x-cache-hits: 2

GET
H2 200 mobile-angular-ui.js,qv=Nov.,P202022.pagespeed.jm.k_Gx0PcgQF.js Show response
participant-v2.tirokdo.com/_dist/js/ 38 KB
10 KB 124ms
109ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/_dist/js/mobile-angular-ui.js,qv=Nov.,P202022.pagespeed.jm.k_Gx0PcgQF.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3d8e8dcd10159b2b88aa5f71bf758df8155345b2413d88f276344a1195a617cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 119785
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 9734
last-modified: Fri, 13 Jan 2023 13:51:23 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: czMq0VVhkopsNqBfcA_h0zS1FAm1l4_mU95ouPIIJ_fLef7H5RXkHQ==
expires: Sat, 13 Jan 2024 13:51:23 GMT

GET
H2 200 mobile-angular-ui.gestures.js,qv=Nov.,P202022.pagespeed.jm.hcFQHtZ1PE.js Show response
participant-v2.tirokdo.com/_dist/js/ 19 KB
6 KB 73ms
59ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/_dist/js/mobile-angular-ui.gestures.js,qv=Nov.,P202022.pagespeed.jm.hcFQHtZ1PE.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: dca2e8dea78e248e0f1c19ad5f258419185293f7f08966730feb692ef11991f1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 56910
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 5381
last-modified: Fri, 13 Jan 2023 13:51:25 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: UsTMhXB7DVXwA5wly4BYPWpiKiFetGrx5huzBdi_jCVDPkWcI4yNRA==
expires: Sat, 13 Jan 2024 13:51:25 GMT

GET
H2 200 angular-css.min.js,qv=Nov.,P202022.pagespeed.jm.7z8eyJbCi0.js Show response
participant-v2.tirokdo.com/_dist/js/ 7 KB
3 KB 97ms
83ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/_dist/js/angular-css.min.js,qv=Nov.,P202022.pagespeed.jm.7z8eyJbCi0.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3a40300f61db5bf58d58cf64fab710a27a53c9bf9c747052b370332c25beac8c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 7324
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 2425
last-modified: Fri, 13 Jan 2023 13:51:23 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: a3ZDFVTj997jO8pvU5ma2oim1a5FvGqHWOzFXNKsojDh0OinDgRbew==
expires: Sat, 13 Jan 2024 13:51:23 GMT

GET
H2 200 tinymce.min.js Show response
participant-v2.tirokdo.com/modules/tinymce5/ 435 KB
141 KB 80ms
67ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/modules/tinymce5/tinymce.min.js?v=Nov.%202022
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bb66ad84fc352cc5d1f56c7fee9b799782edca2ac472644210f65db4b96d009a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Thu, 12 Mar 2020 09:11:38 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
etag: "6cd42-5a0a4bd814680-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
x-amz-cf-id: imYy9Buky_DmzaBtPaIm3KmZhUVxKohJqKNBkshKsatF2zM0NoX9uA==

GET
H2 200 tinymce.min.js Show response
participant-v2.tirokdo.com/modules/ 2 KB
1 KB 97ms
85ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/modules/tinymce.min.js?v=Nov.%202022
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a2e90901d3e4dd32ea589f71d57ae25b1378a7c1d9f1b1ee6e89b1001c1692f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Thu, 02 Nov 2017 20:01:41 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
etag: "86d-55d0574e5f340-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1047
x-amz-cf-id: phEVG9-cK-pF1an2NWedY0yRKSR9iivtvgH3lbLC6CkvsY4DbQa3SQ==

GET
H2 200 alertify.js,qv=Nov.,P202022.pagespeed.ce.GIO6lHFSM_.js Show response
participant-v2.tirokdo.com/modules/ 11 KB
4 KB 93ms
81ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/modules/alertify.js,qv=Nov.,P202022.pagespeed.ce.GIO6lHFSM_.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b99715e16ba90070028ae11d63ef87fc590509b55d05297c4a7654081c3ae726

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 11306
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 3232
last-modified: Wed, 08 Sep 2021 19:52:25 GMT
server: Apache
etag: W/"0-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: svxMB5PLr-96To-vl_N63d36Km48aCIG8ik_xIqcZkM-yEAg-7n-6g==
expires: Sat, 13 Jan 2024 16:19:36 GMT

GET
H2 200 ngAlertify.js,qv=Nov.,P202022.pagespeed.ce.FrrcraV61u.js Show response
participant-v2.tirokdo.com/modules/ 11 KB
4 KB 122ms
110ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/modules/ngAlertify.js,qv=Nov.,P202022.pagespeed.ce.FrrcraV61u.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bc8aca120bd0d8aa23be5d5e089a4c2d39b709f9b9465ee914d47455ce3d0dd0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 11362
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 3263
last-modified: Thu, 02 Nov 2017 20:01:39 GMT
server: Apache
etag: W/"0-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: O1OV4CDTB3aDLrcsxVGscOhPgetu_BjfPveiLT3KeB2PqYbrbPAoUw==
expires: Sat, 13 Jan 2024 16:19:36 GMT

GET
H2 200 angular-socialshare.min.js,qv=Nov.,P202022.pagespeed.jm.VQ5GugRNe-.js Show response
participant-v2.tirokdo.com/modules/ 17 KB
3 KB 95ms
84ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/modules/angular-socialshare.min.js,qv=Nov.,P202022.pagespeed.jm.VQ5GugRNe-.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 62b902e4a791a0400b23a9fc4ce9e27a6cab7dc1281e30b5744668ab4cae29f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 17634
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 2578
last-modified: Fri, 13 Jan 2023 13:51:24 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: z6Q12nmwrXGoKM3Nq6dFRoVXObPluZfUOdPc8v2x8pjMCYC6ZDe27g==
expires: Sat, 13 Jan 2024 13:51:24 GMT

GET
H2 200 angular-translate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-translate/2.18.2/ 24 KB
7 KB 81ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-translate/2.18.2/angular-translate.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d150dff7fc28d3d83ed1b934aefcacfb43e3d15164689af950a56cbfa3ae36e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1950997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6816
last-modified: Mon, 04 May 2020 16:04:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d23-5eff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uL4dx7OoddjusQkbBtdJVgIE4KBvPeWGcIAFbA4cHVW%2Bt13zNN6uo87FKai6PNvyc2oCZItKQ0OrmFKlRgynzceHM0kR6aMdMhbTvPj0aSxK2dGRbhGDQ3UcpNmXxJDarqJlVjHY4H2Tti2gh7fJyRl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788f74572e93d59c-CDG
expires: Wed, 03 Jan 2024 16:19:36 GMT

GET
H2 200 angular-translate-loader-static-files.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-translate/2.18.2/angular-translate-loader-static-files/ 1 KB
899 B 84ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-translate/2.18.2/angular-translate-loader-static-files/angular-translate-loader-static-files.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2978ad61291e6a17274af669d2e198ecadc08e2d4ea1b62a510a82d8d834e57a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1952693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 581
last-modified: Mon, 04 May 2020 16:04:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d23-55d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pr89KCKRbxcZBe9c9eQEZwC2JET%2Fa0My3CPHAdUhJfGIeTDvsB9pDNt3HJlPrcL9aa%2FHoC0m9LwvyD61E9cjf3nmLgaREXc8dMDwsIxCIV3le0DPXKhN8Qn%2Fi%2FM%2BOoe4Tn1w1HioZy0lXfHLYzYeUsBg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788f74572e94d59c-CDG
expires: Wed, 03 Jan 2024 16:19:36 GMT

GET
H2 200 intro.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intro.js/4.2.2/ 51 KB
15 KB 78ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intro.js/4.2.2/intro.min.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8bfd3d161bdb7aeb6912eee0dd4d4df53e93c2277a0ce856a3ea20888d857d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1937946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14777
last-modified: Fri, 27 Aug 2021 17:04:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61291b1c-39b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXfidefRrJHSrp2hBzgNooUR6XeLFDlst1dw4wgznuSgu95o3nQ%2B5ltUE6H7%2BCOFc00%2FS72z2daDeNKhP0um8noVC1KR9eq%2BwKRpJAwu3wO7FN9YC3tV%2FJZal62B47L%2FgldML3C%2BgGr6JTK8RQP0TgEw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788f74572e95d59c-CDG
expires: Wed, 03 Jan 2024 16:19:36 GMT

GET
H2 200 introjs-rtl.min.css
cdnjs.cloudflare.com/ajax/libs/intro.js/4.2.2/ 349 B
836 B 76ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intro.js/4.2.2/introjs-rtl.min.css

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e85937bf50e734ff73f1d8b92e1a1a0d35a600963e5314e4564fa8e279092ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6216368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151
last-modified: Fri, 27 Aug 2021 17:04:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61291b1c-97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFbKAoVcv%2BAAx3PWDTkZef%2FMLpjB6lJopKHbHMhYPdFTISFzcNVj715xN%2F10ndrEepZYAQS1mP7YpMGn7DSlU%2FGmMbCxdGB8YtY3GOQp6gdm1R4Jk7TIa87esMysyPrfnAPi8nWBTNGIcaBUPy%2BJhECr"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788f74572e91d59c-CDG
expires: Wed, 03 Jan 2024 16:19:36 GMT

GET
H2 200 introjs.min.css
cdnjs.cloudflare.com/ajax/libs/intro.js/4.2.2/ 8 KB
2 KB 79ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intro.js/4.2.2/introjs.min.css

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe294f841b0f14f50e088ff7736c6ccf28db4e8dc49824982d5852ad1a154b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3664589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1443
last-modified: Fri, 27 Aug 2021 17:04:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61291b1c-5a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i%2B%2F%2BxL3zhMqfdt1%2BhRw66LUymLKHHbqfbrbiG%2BP0JY9kzVBqTleBHUytXoiqcX1VTv13GhwvuSQRiQj2slF9vfA8DHCFMFCYLjOEn2JY49AScMdg3bdm6sjLCzVEjlChLELcib46v%2FnaY%2BxKkC7ocbs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788f74572e92d59c-CDG
expires: Wed, 03 Jan 2024 16:19:36 GMT

GET
H2 200 angular-intro.min.js.pagespeed.jm.FmxQSZxznA.js Show response
participant-v2.tirokdo.com/modules/intro.js/ 5 KB
2 KB 122ms
114ms Script
text/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/modules/intro.js/angular-intro.min.js.pagespeed.jm.FmxQSZxznA.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 324098cd006251aa4aad91eac08e73ab2025f1bc74c7d51db58210f5be9d39f8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 5411
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 1391
last-modified: Fri, 13 Jan 2023 13:51:25 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: lwjeP6pEdMEchY5A6tHfhLg0wLOXJHH07eiiiC15YyQZwn4vc0lAIg==
expires: Sat, 13 Jan 2024 13:51:25 GMT

GET
H2 200 tirage_getData_v2.js,qv=1669237964.pagespeed.jm.o_ugiz1-2L.js Show response
participant-v2.tirokdo.com/ 22 KB
5 KB 140ms
133ms Script
application/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/tirage_getData_v2.js,qv=1669237964.pagespeed.jm.o_ugiz1-2L.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 43eed40cfba1b5f68f951aad181aeedc9ca9c307f76e396b600afaa325535676

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 35645
x-amz-cf-pop: FRA2-C1
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
content-length: 4227
last-modified: Fri, 13 Jan 2023 13:51:24 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
tcn: choice
content-location: tirage_getData_v2.js.php
x-amz-cf-id: AGqvAup49N6WaTjDAOjk9NQeENrtH0m1veShe-dwV1VDiN_j0phqLg==
expires: Sat, 13 Jan 2024 13:51:24 GMT

GET
H2 200 tirage_v2.js,qv=1669237964.pagespeed.jm.LRVLsrDzsD.js Show response
participant-v2.tirokdo.com/ 59 KB
13 KB 301ms
295ms Script
application/javascript 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/tirage_v2.js,qv=1669237964.pagespeed.jm.LRVLsrDzsD.js
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: fc8cd83688118571112263808d50a1b46cf2628c75521f0c3cfa426fc9a1415e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 110551
x-amz-cf-pop: FRA2-C1
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
content-length: 12817
last-modified: Fri, 13 Jan 2023 13:51:23 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
tcn: choice
content-location: tirage_v2.js.php
x-amz-cf-id: 4MIUfJfEXI5SXqL7gFsYAELFR4qRoJ55-A8a_xKyuhCftxf0P2Jl8A==
expires: Sat, 13 Jan 2024 13:51:23 GMT

GET
H2 200 A.tirage_v2.css,,qv==1669237964+styles.css,,qv==1669237964,Mcc.2v6z39-BZU.css.pagespeed.cf.hceAz3Cl_h.css
participant-v2.tirokdo.com/ 87 KB
13 KB 93ms
87ms Stylesheet
text/css 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/A.tirage_v2.css,,qv==1669237964+styles.css,,qv==1669237964,Mcc.2v6z39-BZU.css.pagespeed.cf.hceAz3Cl_h.css
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3f320e834a5ac2fa9197a7cb579617a2e711bfa2be4e37b4a816f17591a6e788

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-original-content-length: 105158
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 12697
last-modified: Fri, 13 Jan 2023 13:51:24 GMT
server: Apache
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: CYrJmkHGapLfjX6PqcoCEud8J8xOpyjPwU7lQMz6x2xbbOMNl47BEg==
expires: Sat, 13 Jan 2024 13:51:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 150ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2329404996570503

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc9f474975b583cb47260de0c13ee5d287a645e1f997529b30b3eab1e49fa29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Origin: https://participant-v2.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49481
x-xss-protection: 0
server: cafe
etag: 8534815592219439000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 16:19:36 GMT

GET
H2 200 %7B%7B%20langue%20%7D%7D.svg
participant-v2.tirokdo.com/img/logo-mobile/ 29 KB
29 KB 58ms
58ms Image
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant-v2.tirokdo.com/img/logo-mobile/%7B%7B%20langue%20%7D%7D.svg
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C1
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-mod-pagespeed: Pagespeed
content-length: 9241
x-amz-cf-id: tTZEKrJAmQWqKcYKds40S9ChV90W4PwTxtkuRIw8nacWTcyhxAvA6A==

GET
H2 200 %7B%7B%20tirage.white_label.custo_url_logo%20%7D%7D
participant-v2.tirokdo.com/ 29 KB
29 KB 68ms
67ms Image
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant-v2.tirokdo.com/%7B%7B%20tirage.white_label.custo_url_logo%20%7D%7D
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C1
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-mod-pagespeed: Pagespeed
content-length: 9241
x-amz-cf-id: wonx5FhBADEfuyznNmxq4vPfqjXKwVzh5Duz-JxgsbtGGtr9n_PUYA==

GET
H2 200 %7B%7B%20langue%20%7D%7D.svg
participant-v2.tirokdo.com/img/logo-desktop/ 29 KB
29 KB 74ms
73ms Image
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant-v2.tirokdo.com/img/logo-desktop/%7B%7B%20langue%20%7D%7D.svg
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C1
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-mod-pagespeed: Pagespeed
content-length: 9241
x-amz-cf-id: w2zqQZATrRiCSmSZD_rvEVwLQowdR5dITjpvNHI7CsTSmqaZiWi9VQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
21ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 14:46:38 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5578
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 13 Jan 2023 16:46:38 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 88ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://participant-v2.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:23:46 GMT
x-content-type-options: nosniff
age: 28550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 08:23:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 137ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2329404996570503&plah=participant-v2.tirokdo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2329404996570503

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ff0b19df0736040a67b1cca9285bcd50d10a36bab6121c4de8831d5fef6a3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119973
x-xss-protection: 0
server: cafe
etag: 12030406616400552930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 16:19:36 GMT

GET
H2 200 fa-solid-900.woff2
participant-v2.tirokdo.com/img/awesome_icon/webfonts/ 137 KB
138 KB 29ms
29ms Font
application/octet-stream 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/img/awesome_icon/webfonts/fa-solid-900.woff2
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

Request headers

Referer: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Origin: https://participant-v2.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 02:39:08 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sun, 20 Sep 2020 21:24:25 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
age: 2382028
etag: "225a0-5afc55bac7440"
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 140704
x-amz-cf-id: -H-KdJaT7dE_g1HtyMg_o01_WaRr_WrjvuJuvOI-q9DAM0tKLXp88w==

GET
H2 200 fa-brands-400.woff2
participant-v2.tirokdo.com/img/awesome_icon/webfonts/ 76 KB
76 KB 40ms
40ms Font
application/octet-stream 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/img/awesome_icon/webfonts/fa-brands-400.woff2
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

Request headers

Referer: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Origin: https://participant-v2.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:02:43 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sun, 20 Sep 2020 21:24:23 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
age: 109013
etag: "12e40-5afc55b8defc0"
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 77376
x-amz-cf-id: 4rVn1vzXvj5oSYR72RmHYMKfBEdOOEix-BMVoINeJyfVWQ2_qrE32Q==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame EAD7 10 KB
5 KB 141ms
39ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2329404996570503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 54428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 01:12:28 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 01:12:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-regular-400.woff2
participant-v2.tirokdo.com/img/awesome_icon/webfonts/ 169 KB
170 KB 28ms
27ms Font
application/octet-stream 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/img/awesome_icon/webfonts/fa-regular-400.woff2
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc

Request headers

Referer: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Origin: https://participant-v2.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 07:08:45 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sun, 20 Sep 2020 21:24:24 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
age: 292251
etag: "2a4a4-5afc55b9d3200"
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 173220
x-amz-cf-id: rnizoBPUqEfLw2hBt_Ec0Ih4PxqbQO3xVkdGY0Jopmi948T5MvRdGg==

OPTIONS
H/1.1 200
OK /
oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/tirage/609742/5562646/ Frame 0
0 164ms
98ms Preflight
application/json 13.32.27.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/tirage/609742/5562646/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-28.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentification,langue_texte
Access-Control-Request-Method: GET
Origin: https://participant-v2.tirokdo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Authentification,langue_texte
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Fri, 13 Jan 2023 16:19:36 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
X-Amz-Cf-Id: OT-h6zceBpzldJeouSc_L90dxyf5ryuVI55jedSUMX0X9KEVHpLPUA==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
X-Requested-With: *
x-amz-apigw-id: esGn6GudDoEFdww=
x-amzn-RequestId: 574959e2-c9d8-4351-9b12-3d731dfbf614

GET
H2 200 fr.json Show response
participant-v2.tirokdo.com/l10n/ 28 KB
9 KB 61ms
61ms XHR
application/json 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://participant-v2.tirokdo.com/l10n/fr.json?v=1669668939

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8f74d253590b2cd163a6e6e375064892d0ac8cf69ee95f58c2d25fbefcfbb937

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 31128
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 8985
server: Apache
etag: W/"PSA-aj-sRZ6RqO4A9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2583127, public
accept-ranges: bytes
x-amz-cf-id: BKQR0MF4j1ManGrm92O-PSn-FuP64H17Hp65FXmjf0993knsrv11lQ==
expires: Sun, 12 Feb 2023 13:51:44 GMT

GET
H2 200 santa_v2.html Show response
participant-v2.tirokdo.com/inc/ 116 KB
22 KB 70ms
69ms XHR
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/inc/santa_v2.html?v=1669668939
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ab596d6a0463ab1c7e511fd41921dcac57a186d3cd620373ec4cffa5015d5c1d

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-mod-pagespeed: Pagespeed
content-length: 22011
last-modified: Sat, 27 Aug 2022 09:39:23 GMT
server: Apache
etag: "27c54-5e735ce3de8c0-gzip"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
x-amz-cf-id: UO5p8R_Z-vHxe1XY0xPsVjJvpCnElc21UXKzWHlPiAPe_AA7OqSYEQ==

GET
H/1.1 200
OK / Show response
oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/tirage/609742/5562646/ 10 KB
10 KB 1738ms
1738ms XHR
application/json 13.32.27.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/tirage/609742/5562646/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-28.fra56.r.cloudfront.net
Software: /
Resource Hash: 48cf0d9151e5339e93e4e03c47a06058759d89f8d859853ceeca3b985b7125e3

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant-v2.tirokdo.com/
Authentification: 92722142c7954e9c95ad62f607ef3536
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
langue_texte: fr

Response headers

Date: Fri, 13 Jan 2023 16:19:38 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Amzn-Trace-Id: Root=1-63c18498-137775e676c4491b5052f894
x-amzn-RequestId: 79dd2bbc-3b4e-40ea-b070-151cf88179a9
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: esGn7Gm_joEF7NA=
Content-Length: 9970
X-Amz-Cf-Id: lsEj43eaSR0YGBHIw6f7KcpW6_6R0IYkinyCUyITRmZKsmlHPmqBdg==

GET
H2 200 p_home.html Show response
participant-v2.tirokdo.com/ 15 KB
4 KB 58ms
58ms XHR
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/p_home.html?v=1669668939
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8a520bca2718d9597efe3bc2f8b6b55776613f9455e89d2d0ce84416526b66ed

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-mod-pagespeed: Pagespeed
content-length: 3739
last-modified: Tue, 06 Dec 2022 17:30:04 GMT
server: Apache
etag: "4b1b-5ef2c27823f00-gzip"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
x-amz-cf-id: xuJjX2D1ja5L4Qta86Ozs8Fi9u7FdzQMOi1C9VNR51sol0ZA3eWxkg==

GET
H2 200 fr.svg
participant-v2.tirokdo.com/img/logo-mobile/ 16 KB
5 KB 59ms
58ms Image
image/svg+xml 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant-v2.tirokdo.com/img/logo-mobile/fr.svg
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f9feba72f869d5a3f1b35197569fe25b3d7a871019dbb40cabaec79dfaebae39

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sat, 10 Jul 2021 20:32:56 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
etag: W/"3ec6-5c6cacb0eee00"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public, s-maxage=10
x-amz-cf-id: e0hgjCfFnFKENYvMbVBWrLhBV_p0EGKWppR-7deX0XuHa73uLE5gAg==

GET
H2 200 fr.svg
participant-v2.tirokdo.com/img/logo-desktop/ 16 KB
5 KB 63ms
62ms Image
image/svg+xml 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://participant-v2.tirokdo.com/img/logo-desktop/fr.svg
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a65d8f1ffb557eb817d138e40980f4c044c9efc02dca7ef829f755f9fc936254

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sat, 10 Jul 2021 20:32:56 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
etag: W/"3ec7-5c6cacb0eee00"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public, s-maxage=10
x-amz-cf-id: n1hRAK7bSl3G2xzTLWV5L1zuiP_q3Wcj-T5jpCnWWxQFoqw7UuY62g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 24ms
23ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1506668597&t=pageview&_s=1&dl=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&dp=PART%2Fhome&ul=en-us&de=UTF-8&dt=-%20COMMUN_TITLE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2061743203&gjid=239842139&cid=1578197813.1673626777&tid=UA-27723172-1&_gid=483297925.1673626777&_r=1&_slc=1&z=106006549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://participant-v2.tirokdo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://participant-v2.tirokdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa-duotone-900.woff2
participant-v2.tirokdo.com/img/awesome_icon/webfonts/ 183 KB
183 KB 30ms
29ms Font
application/octet-stream 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/img/awesome_icon/webfonts/fa-duotone-900.woff2
Requested by: Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75

Request headers

Referer: https://participant-v2.tirokdo.com/A._dist,,_css,,_mobile-angular-ui-hover.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-base.css,,qv==Nov.,,P202022+_dist,,_css,,_mobile-angular-ui-desktop.css,,qv==Nov.,,P202022+img,,_awesome_icon,,_css,,_all.css,,qv==Nov.,,P202022,Mcc.eLGii-iqJt.css.pagespeed.cf.ue3CxAZoVr.css
Origin: https://participant-v2.tirokdo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:40:46 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sun, 20 Sep 2020 21:24:24 GMT
server: Apache
x-amz-cf-pop: FRA2-C1
age: 520730
etag: "2da54-5afc55b9d3200"
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 186964
x-amz-cf-id: 4g2BNe14mimj6KQtofCycStZSkFIeaych3edQuiNss_avp-3Xvy9gA==

GET
H2 200 bandeau_img.html Show response
participant-v2.tirokdo.com/inc/ 2 KB
951 B 53ms
53ms XHR
text/html 2600:9000:20eb:7000:19:2400:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://participant-v2.tirokdo.com/inc/bandeau_img.html?v=8.2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:19:2400:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 27183e0b6ed9ec33af9695a549b8e19e632e66fc0e5329b545fef8a930b73755

Request headers

Accept: application/json, text/plain, */*
Referer: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:36 GMT
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-mod-pagespeed: Pagespeed
content-length: 514
last-modified: Sun, 28 Aug 2022 21:18:48 GMT
server: Apache
etag: "75a-5e753b1645e00-gzip"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, s-maxage=10
accept-ranges: bytes
x-amz-cf-id: nYAKvKBBzb79r98qMx3qViUv7Yxg4VhsGB0aSi4C7UInop5t6q5EoQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 72ms
23ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-27723172-1&cid=1578197813.1673626777&jid=2061743203&gjid=239842139&_gid=483297925.1673626777&_u=IEBAAEAAAAAAACAAI~&z=417188313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://participant-v2.tirokdo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Jan 2023 16:19:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://participant-v2.tirokdo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6ed8f53cf929523126d73e4d21b0f24f457404364dc7e5eca303f4d67d88091

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 739 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c917f972a0eb0666de5977a0bddc34945c791a62b4d0729c0ea334b2356c8d19

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 122ms
51ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-27723172-1&cid=1578197813.1673626777&jid=2061743203&_u=IEBAAEAAAAAAACAAI~&z=286378255

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 194ms
75ms Image
image/gif 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-27723172-1&cid=1578197813.1673626777&jid=2061743203&_u=IEBAAEAAAAAAACAAI~&z=286378255

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
694 B 160ms
60ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=participant-v2.tirokdo.com&callback=_gfp_s_&client=ca-pub-2329404996570503&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2329404996570503&plah=participant-v2.tirokdo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbcc5b3cbeac3710b46105710a69523cacb65b4b9d721ada66e00577c7acb1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 176ms
62ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=participant-v2.tirokdo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 98ms
36ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=participant-v2.tirokdo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E50 154 KB
44 KB 1082ms
1081ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&adk=394062055&adf=3360478686&lmt=1673626776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626776656&bpp=4&bdt=544&idt=310&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8107816801218&frm=20&pv=2&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb11fa806ce24799e9665db35126edbe59cf16bf70a0b18ba93566aad8a36cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44647
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 16:19:38 GMT
expires: Fri, 13 Jan 2023 16:19:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 74ms
73ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad5c68e41f16eb6f5d231ff74ba60ce8e124c8d961a5fd25e68da666e479923f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11062
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1759dcd95a0bb122da78fca4ba49ba76979b01e4f8ff51f4e360a2ed1fa0b509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 5299213374584827543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 16:19:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 208ms
91ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 16:19:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 63ms
62ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=participant-v2.tirokdo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 35ms
35ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=participant-v2.tirokdo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame BABA 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 54434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 01:12:24 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 01:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame BABA 4 KB
732 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 16:04:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 16:19:38 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BABA 205 B
518 B 108ms
32ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:35:25 GMT
x-content-type-options: nosniff
age: 9853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jan 2024 13:35:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BABA 604 B
695 B 109ms
33ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:50:48 GMT
x-content-type-options: nosniff
age: 19730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jan 2024 10:50:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame BABA 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:55:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B6A3 6 KB
745 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 16:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 16:19:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B6A3 2 KB
846 B 40ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame B6A3 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B6A3 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B6A3 18 KB
7 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6A3 157 KB
49 KB 231ms
106ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 16:19:38 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame B6A3 33 KB
14 KB 35ms
26ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:54:04 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6DA6 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 117554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 07:40:24 GMT
expires: Fri, 12 Jan 2024 07:40:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3422 783 B
967 B 37ms
36ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d89ca305cfa497d094364bf3dced15ea28b08c50c1521f7d9f7e23bb7d8e9e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1iwd_YQx1YPLFebT86io6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-1iwd_YQx1YPLFebT86io6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 16:19:38 GMT
expires: Fri, 13 Jan 2023 16:19:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3422 0
0 127ms
127ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=3765086891074473&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DA6 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

OPTIONS
H/1.1 200
OK 5562646
oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/wish_list/gift/609742/ Frame 0
0 95ms
95ms Preflight
application/json 13.32.27.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/wish_list/gift/609742/5562646
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-28.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentification,id_offrant,liste_type
Access-Control-Request-Method: GET
Origin: https://participant-v2.tirokdo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Authentification, langue_texte, liste_type, id_offrant
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Fri, 13 Jan 2023 16:19:38 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
X-Amz-Cf-Id: t1UUdbZXDob6jVmhmScEeguTxzlRVpg-3Q7kObnoKUxGayz_owpcbA==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
x-amz-apigw-id: esGoNHUIDoEFaow=
x-amzn-RequestId: 03979515-e9d2-4364-b990-fcd2102f1b7f

GET
H/1.1 200
OK 5562646 Show response
oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/wish_list/gift/609742/ 102 B
613 B 208ms
208ms XHR
application/json 13.32.27.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oldy4rchtk.execute-api.eu-west-1.amazonaws.com/prod/wish_list/gift/609742/5562646
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-28.fra56.r.cloudfront.net
Software: /
Resource Hash: 6b0a1032f00791c69da6e5fa421e1af4ff727cf274063b8fa3805756dde6da07

Request headers

liste_type: 2
Accept: application/json, text/plain, */*
Referer: https://participant-v2.tirokdo.com/
Authentification: 92722142c7954e9c95ad62f607ef3536
accept-language: fr-FR,fr;q=0.9
id_offrant: 5562646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 16:19:38 GMT
Via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Amzn-Trace-Id: Root=1-63c1849a-085fc83a15c7873d7c159617
x-amzn-RequestId: d8857884-e979-4954-9a5e-15d7c0af7da7
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
x-amz-apigw-id: esGoOGnrDoEFdMA=
Content-Length: 102
X-Amz-Cf-Id: KfP2qFEhzaAByyzK375t5EV9ZK9wTYJWLb2P4l937M7XaoxcQbiZrQ==

GET
H2 200 style_ep.css
www.tirokdo.com/im/themes/noel_bureau_2021/ 305 B
738 B 123ms
26ms Stylesheet
text/css 2600:9000:20eb:d200:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tirokdo.com/im/themes/noel_bureau_2021/style_ep.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:d200:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6cf790660666a6437f33b5230d5b09a488f45a1f72cea06bf949f94562ded557

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 02:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-original-content-length: 305
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2381465
x-cache: Hit from cloudfront
content-length: 212
x-xss-protection: 1; mode=block
last-modified: Sun, 28 Aug 2022 21:48:58 GMT
server: Apache
etag: "131-5e7541d46c680-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
x-amz-cf-id: CxDV7QGruwvz3DnqVwweRPU7CZg2JobECQkV78CvhKNpoBnB3fbJ_g==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1506668597&t=event&_s=2&dl=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&ul=en-us&de=UTF-8&dt=-%20Tirokdo%20-%20Espace%20participant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PereNoel&ea=Ouvre&el=Animation%3DPN_welcome&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1578197813.1673626777&tid=UA-27723172-1&_gid=483297925.1673626777&z=959127186

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79928
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 62ms
62ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=participant-v2.tirokdo.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=participant-v2.tirokdo.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 bandeau.jpg
www.tirokdo.com/im/themes/noel_bureau_2021/ 131 KB
131 KB 122ms
30ms Image
image/jpeg 2600:9000:20eb:d200:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tirokdo.com/im/themes/noel_bureau_2021/bandeau.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:d200:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b3f93908aade7a1148b99761ab3cd4fcb9ac81842c8e8aebeaa84b434e82cc1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:21:57 GMT
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-content-type-options: nosniff, nosniff
x-original-content-length: 145559
x-amz-cf-pop: FRA2-C1
age: 2062661
x-cache: Hit from cloudfront
content-length: 133885
x-xss-protection: 1; mode=block
server: Apache
etag: W/"PSA-aj-E7EdNvywbr"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30695980, public
accept-ranges: bytes
x-amz-cf-id: Eai2esyFUYn8paOG4zT6_5D5mXCuLbNKN2nLOgGPsq55msL1UiO60w==
expires: Mon, 11 Dec 2023 02:01:38 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8F6 100 KB
35 KB 967ms
966ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c170d15f29069227a3dca1cd045042ceb3c3ae3c5dd6d9348f4172b27f6fa298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35621
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 16:19:39 GMT
expires: Fri, 13 Jan 2023 16:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F400 98 KB
35 KB 594ms
593ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e4bb012c5448fbb3a989de736d318228ffa017956f80df3dec995f83b57928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://participant-v2.tirokdo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35391
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 16:19:39 GMT
expires: Fri, 13 Jan 2023 16:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A29 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: participant-v2.tirokdo.com
URL: https://participant-v2.tirokdo.com/?id_event=609742&id_guest=5562646&hash=92722142c7954e9c95ad62f607ef3536

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H2 200 rennes.svg
www.tirokdo.com/im/themes/noel_bureau_2021/ 9 KB
4 KB 48ms
47ms Image
image/svg+xml 2600:9000:20eb:d200:13:b126:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tirokdo.com/im/themes/noel_bureau_2021/rennes.svg

Requested by

Host: www.tirokdo.com
URL: https://www.tirokdo.com/im/themes/noel_bureau_2021/style_ep.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:d200:13:b126:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

59c224307f8e3fa50195cedc74738dc36619c267224f36e5bc814155377c9ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tirokdo.com/im/themes/noel_bureau_2021/style_ep.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 25367
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sat, 30 Jun 2018 02:44:17 GMT
server: Apache
etag: W/"237e-56fd2f0c7e240"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
x-amz-cf-id: 2Fj_cNQDm4O1bUdr9bnuX6Lv94bHWzYNjztuXfFbcm94OzgSyWlp_g==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 133ms
133ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=3765086891074473&bg=!k5ClkNTNAAYDMoyoIzI7ACkAdvg8Wt4sXZ6_1VXBRDHPp7LT7lVHHg08NBqFWC9oIE5-UlGKDi8lswIAAACFUgAAAANoAQeZAqvuhoGNhjrZU7PxWULaW1GRL1K1MUa01RwncB1BfoHKB7KxeMBdx9s8WVe9f2K3Uu4iHKFLFBFDfwywkGefb3iG_AEWnn2ZjfYtHHPVUJwMuMx9KuHjmN_71AkellpkEmNq64FykAC1g9UVgFIagwGa9ZrOGBsHSDVR5a7TIQTTvukpwI5h6qbNEWhSI_LDQvqU22-OIKefN7iuUe8VKOHJvmRyKlcstGcpIvCZUhGmxtIYpKJKN8LVvVJ4-itrU6YXTJASRt0MHbTta40vN0IOdBS5zxG-m9G73MPVYXGcXoenijuNlPqt2XNZW90dTb0GfELds-TqEdrKygdozsTaT2F5g_v1AtAv5QkRezgvckvKieA2NZJQ-ZEceMQGE5Gy6SpVqQZmE1WDscPSnJ-jGqcD2px2tIX25EjUASARpYLZWJpE6Srw5oaxaVuosb3AHNSUpsek4nde4zrkz5EZK385I99r-0J7AfrNj2zpL0RvmOq-quocCsgJ0s6S3M8ioXYUh3s0H159nLeVXQKn5Hz6_kQ2bSJ5sHeElINij4B7wO2Ui3t7f6x1uwqhh4UJiSWQ7UmAjsUtq2iwKUBvGSpXXUflR8tVxWphyHfQpgRqrKyS8g7tNVgNAh98yRUGrUKeFnE5vZ4HAklgZoT-Cr1QjOEU45SYiCHIr1SJIkArkHR9FmBnBDoXrDTUhylOsGTs5dRDHpk6tdJXK6TDh0debS8WGpMV1xrZY0Z0pf8P5Je-JWpf-q84grE5rcrRQ_jkV3kxZ6CGDRX1Mc1fzPeuSloQnCnr85fVElMoFOLUw0ZnaXfeVDRsOQquwqJQd0uTKeaE10H0M_ePVDNnkEGA4fgBJHrTQA0GroHd84woLcn9obtQq6lRMUdJzdz6ChFu1hgIghUGvA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://participant-v2.tirokdo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame F400 8 KB
991 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 16:01:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 16:19:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F400 2 KB
804 B 39ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F400 0
0 82ms
82ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CX19KmoTBY56vLYGDygWU2JLgC8impsZigdje9p0NqPSTvosOEAEg_rjpJWD7AaAB7eqQzgPIAQmpAhjmkzYQMrI-qAMByAPLBKoE-QFP0CwAxZs5g3ZJ8w7rexCpKBx_X58dtVxy-J7u2RP5xi5daZvHtzYtRFKrGaXMAXqviPMv_0aYmq6weutQhXxTdJdx13_-Lor6FtrfevULYE14_9nfx_5SS7vmJOi0qzAkLVRqdB6JDg5nWc5bjgA1pwzTotMXrNmULCSK2w0em1gskunaY7tzA3vNq06mAgV70pIlj13TmB3bstXTE0rSARRRznZFGFugohskhucZ1s9tpsWq3IAI6HexMMNWiZNt8owYkvTu59za8277lTT_em6TqGjGOBKaj6dAitQalcCsDRtO0us_ZCwomf_n7fxzq_r9vw01tUDABOmE3Km5A5IFBAgEGAGSBQQIBRgEoAYugAf7lO8xqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQi1bSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC4gUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMzI5NDA0OTk2NTcwNTAzGAA&sigh=qq-dSz7HkDU&uach_m=[UACH]&cid=CAQSPADq26N9mxRsgLzNd8uBwxUXTyGXFc3JS75ZRlLarnYn14iKA0ZtLn2mxorGuHyVldg80HMEvjqffgy6hBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame F400 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F400 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F400 18 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F400 0
0 36ms
35ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ35eaO262OD94OYukdhsMUYSU_CfJDclNEfiaPckpPuQM-d9rL1PPxtTqOxto51jl-tj81nFoah54cmJuzP8b1n80w-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F400 157 KB
48 KB 76ms
75ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 16:19:39 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame F400 33 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:54:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5209232045500321427/ Frame F400 8 KB
8 KB 44ms
44ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5209232045500321427/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b84d4c2cc8e2877724337d7795298df67593d31e750269b330907fa8a6586da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 18:12:59 GMT
x-content-type-options: nosniff
age: 511600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8118
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:58:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 18:12:59 GMT

GET
DATA 200
OK truncated
/ Frame F400 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F400 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D08D 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 14880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 12:11:39 GMT
etag: 48472445140208031
expires: Sat, 14 Jan 2023 12:11:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F400 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39712a70d045a2e1bc302d5d7da568c78b1aeb6f3e71adb0dce34e0a50a801e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D08D 0
104 B 156ms
41ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGg6cElOGQuKeuTq4sde2rI&google_cver=1&google_push=AavPq0OGZR7QwUaKOGKYzCyLDfIzPyJLPiqZVHD2IdYlZvcmB6tJIYTai9J_JFyHKM7ye3iQWy8gLcODhV9covrmxAxIxZGSfc5Z-g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D08D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIcX2053n5c3ss5a8_SmeqE&google_cver=1&google_push=AavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniw...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcX2053n5c3ss5a8_SmeqE&google_cver=1&google_push=AavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAn...

43 B
415 B

184ms
170ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcX2053n5c3ss5a8_SmeqE&google_cver=1&google_push=AavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 788f746cc9f6d091-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 963
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIcX2053n5c3ss5a8_SmeqE&google_cver=1&google_push=AavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mvw07L9ohNRQFEDUfWsz5K2-IAUmHwZwcEy7jktPziN-Pip_6sdKbmPrTm8865_k4DxK0S0_WAFgLdi7kCkyn5-nEkbAniwpc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 788f746b98e6d091-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D08D 70 B
265 B 141ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECrC3QcnUmGIQTNgy-Qfjc4&google_cver=1&google_push=AavPq0NgCa9NBzG-NqJ6VVyJDG3T4DEGWp1UAnLFD_MW5ZR01j3v0dWSIlm-alZyFVD59GsF7GMzYLpNrut_X6j-Epk6GxB51EpgkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=739046833&adf=1992360919&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=3&bdt=2564&idt=3&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200%2C770x280&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=2424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=XMnGA2lidi&p=https%3A//participant-v2.tirokdo.com&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D08D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

63ms
62ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P8IdUj7sSJ5UeU5JqBR9f-gEZtj-bYP1l1DPBdly3AZjX3DBrEUf7yyRqQY7OLHmmSqW7xiz66DvhYcsnZX16q7B0h6-SLEe4

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P8IdUj7sSJ5UeU5JqBR9f-gEZtj-bYP1l1DPBdly3AZjX3DBrEUf7yyRqQY7OLHmmSqW7xiz66DvhYcsnZX16q7B0h6-SLEe4
date: Fri, 13 Jan 2023 16:19:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D08D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0NB0h_aGS2slcMzvveTQxEsp_DnAfgqE...

170 B
232 B

65ms
65ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0NB0h_aGS2slcMzvveTQxEsp_DnAfgqEyTxylk7Nvdd5We6baiQD5zPZ32z_6OzVyUJ2kG1QycxVrur_LMyMenFHfTzQG8zI3U

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuWXTQxokBn%2Fzy50S%2BQuQLpt%2BEe%2FjPRM%2F8dCR9zrsNzoBaoKI9lBLKu1BaNKZoySUbElvLp%2B%2F%2BfUPVmZ%2F6c2npjI3jvAO10i5NL11T12NtO4NAFfyKIHernE2e5Tniq2q4aoeSdj2ZHr%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBbc6PFu_i80uObniD7bJAU&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0NB0h_aGS2slcMzvveTQxEsp_DnAfgqEyTxylk7Nvdd5We6baiQD5zPZ32z_6OzVyUJ2kG1QycxVrur_LMyMenFHfTzQG8zI3U
cache-control: no-cache
cf-ray: 788f746bf94399c3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D08D
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEErYM1ShnFzyzDGX9NECyuQ&google_cver=1&google_push=AavPq0O1yO6VIiKUx7pVAMPhK04I0ocB-Zo7xECKfJv__OPUhax1KX5NT-Nn5CtQoovBoWUW-vzbzLIvLtZaw5St...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O1yO6VIiKUx7pVAMPhK04I0ocB-Zo7xECKfJv__OPUhax1KX5NT-Nn5CtQoovBoWUW-vzbzLIvLtZaw5Sth77yUe65iJeJR_s

170 B
232 B

63ms
62ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O1yO6VIiKUx7pVAMPhK04I0ocB-Zo7xECKfJv__OPUhax1KX5NT-Nn5CtQoovBoWUW-vzbzLIvLtZaw5Sth77yUe65iJeJR_s

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Jan 2023 16:19:39 GMT
via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O1yO6VIiKUx7pVAMPhK04I0ocB-Zo7xECKfJv__OPUhax1KX5NT-Nn5CtQoovBoWUW-vzbzLIvLtZaw5Sth77yUe65iJeJR_s
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ccUQ-uMzb_GfxtA0djwPod4RZSEhJiWoqR_6xwsAfAXkgXS4giA33w==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D08D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-4c712d47-235f-4d7b-99c1-551ab2860954-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0M1MrwuWX3wODG2FJOyS...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ&google_hm=A0xxLUcjX017mcFVGrKGCVQ

170 B
232 B

63ms
61ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ&google_hm=A0xxLUcjX017mcFVGrKGCVQ

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0M1MrwuWX3wODG2FJOySvG-wBL35AzQanit9P7y_-33Hu3zAwnJETDKLDhZHMysoDemlt6cAN76LDsfJa9rslUN_vQ2fnDXyQ&google_hm=A0xxLUcjX017mcFVGrKGCVQ
date: Fri, 13 Jan 2023 16:19:39 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX4c712d47235f4d7b99c1551ab2860954003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D08D 0
232 B 201ms
60ms Image
text/html 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JD0cy_rEnP1gmmAIlE2-AQvp2zGX5zXZewe3JNnFmrsvU6qhha-zl9rFT-yB63bD0NjcTa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F400 28 KB
28 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 429322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 17:04:17 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A8E 36 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C8F6 8 KB
968 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 16:00:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 16:19:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8F6 2 KB
799 B 41ms
40ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8F6 0
0 83ms
82ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1ZilmoTBY7umLc-KywW1m7zQDKi_9Lhuvp6Fie8Q3N2BpowOEAEg_rjpJWD7AaABoZXy7QLIAQmpAhjmkzYQMrI-qAMByAPLBKoE_gFP0PR8t8_OQLwjl7rsufzltEWCK7ZXs8vd5QThRUs-jYI4IkNdcFeTD2GJMGcG0L6GMKi07Q2htyQgoUM_OTNpLT98irhK_-9BQ2dYtFd0fAKEmPXOO1sWT9Mr-erHGL6GntNSWeby21sngp1upeQP_lq5VUHb0ZUqWc-ju8_pQNWlx3ytU9iQsaFrs-__VOSiLzJw2WJjzwy7TuexD7QYliF-k8JtKPiBLqJ9fbpczq-5EWow_xG8tK0GSHtpq6Tk8gkRgWRwCLWRIEjpmD-HR_ed238mKpv4jh_91gV-kinwjVjIu6pRsczaWZu7UMPc_U-mM6azFdCZ4d_mtsAE3qHPiqAEkgUECAQYAZIFBAgFGASgBi6AB8fqjZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvNMC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjMyOTQwNDk5NjU3MDUwMxgA&sigh=nU8cTGGUn0g&uach_m=[UACH]&cid=CAQSPADq26N9tohvZQQuOdjJZGUczJEXfFV9xclAfaczeZoRSc5qiZ_XizdmExkwYMU3Q8gAorUtFmcg96As5hgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame C8F6 22 KB
9 KB 40ms
38ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8F6 3 KB
1 KB 50ms
48ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8F6 18 KB
7 KB 45ms
43ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:08:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8F6 0
0 35ms
34ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNhk5odQxW-nF09Q7xrpy8ua5lUNPA6J1nQJ_PaA7hQMpVcvZGzs0hvqfhG3MJABP1SQH-nXUhvkY2nd_tDZJ43YoOHQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8F6 157 KB
48 KB 95ms
93ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 16:19:39 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame C8F6 33 KB
14 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:54:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15442512747625641713/ Frame C8F6 48 KB
48 KB 44ms
43ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15442512747625641713/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc4bf521d3b021941f93c3a053464f1155fc4c93795cc4a5a924e8f3932f4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:22:54 GMT
x-content-type-options: nosniff
age: 53805
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49416
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 08:40:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jan 2024 01:22:54 GMT

GET
DATA 200
OK truncated
/ Frame C8F6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C8F6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3F71 1 KB
643 B 29ms
26ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 14880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 12:11:39 GMT
etag: 48472445140208031
expires: Sat, 14 Jan 2023 12:11:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C8F6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9bbc88b96a03335240bf444ab44b1f34118058b46fc5fa136d173840e54ba41

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3F71 35 B
465 B 109ms
28ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDFytMyaTKHoS5Vm4rRacZI&google_cver=1&google_push=AavPq0P9hTmJBvn706DNZX7ZLTZpzFVYsoCdoetIqpNyTTdUZOxQE5FyiNm8K4fElylCUPKNfdHqXlnzY0CFPc95VGdPC7Pcp1c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F71
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAavPq0NCzOGWc3Vm0Dzb7E2IbaFTMsCCdYLyjsmqiQB1kolD_BG74CYIfXANLUb5yeOvWyFYiY3j1vTsrJSd3ZKbO1MaGQFjOA&google_gid=CAESEFNXoTyVIryGmdNmnW2_BlY&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJuJhp4GEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BYXZQcTBOQ3pPR1djM1ZtMER6YjdFMkliYUZUTXNDQ2RZTHlqc21xaVFCMWtvbERfQkc3NENZSWZYQU5MVWI1eWVPdld5RllpWTNqMXZUc3JKU2QzWk...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTEJCUkdEYkFHdE92Mk53aGlSbmtvakxlVERMdVczUTNSS3dfbmg5dlQ1Yw==&google_push

170 B
188 B

64ms
64ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTEJCUkdEYkFHdE92Mk53aGlSbmtvakxlVERMdVczUTNSS3dfbmg5dlQ1Yw==&google_push

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Jan 2023 16:19:39 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTEJCUkdEYkFHdE92Mk53aGlSbmtvakxlVERMdVczUTNSS3dfbmg5dlQ1Yw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F71
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEL2QPlT-s7wnBqgtP4gOj1Y&google_push=AavPq0NMoqaBdC79-rlRzDg9qMwJGLkuFmAnPH1sm56Vt5210TkNdbsh3ba6-yXEGIt_jPPvVs3O8ZRmJZWQmtiufgjuxMU...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AavPq0NMoqaBdC79-rlRzDg9qMwJGLkuFmAnPH1sm56Vt5210TkNdbsh3ba6-yXEGIt_jPPvVs3O8ZRmJZWQmtiufgjuxMUykw&google_hm=MTA4MTQxMjc4NzAwMDk1...

170 B
188 B

63ms
62ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AavPq0NMoqaBdC79-rlRzDg9qMwJGLkuFmAnPH1sm56Vt5210TkNdbsh3ba6-yXEGIt_jPPvVs3O8ZRmJZWQmtiufgjuxMUykw&google_hm=MTA4MTQxMjc4NzAwMDk1Mzk1NzI

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AavPq0NMoqaBdC79-rlRzDg9qMwJGLkuFmAnPH1sm56Vt5210TkNdbsh3ba6-yXEGIt_jPPvVs3O8ZRmJZWQmtiufgjuxMUykw&google_hm=MTA4MTQxMjc4NzAwMDk1Mzk1NzI
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F71
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOxspkMiaf7jZazjDmvCqNc&google_cver=1&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA
https://rtb.openx.net/sync/dds?google_gid=CAESEOxspkMiaf7jZazjDmvCqNc&google_cver=1&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA&ox...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA&google_hm=UA3arIj9xRA5cgn-A3CVzA==

170 B
188 B

65ms
65ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA&google_hm=UA3arIj9xRA5cgn-A3CVzA==

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MxtXBM1rgTX-trhH7XKzii4XvLmdJlQzLX9mUvPnlXDuUb5eO1tXM3JALE7c3gulvgEHwdnyl0h9HeS7rFsgmlfcJnbA&google_hm=UA3arIj9xRA5cgn-A3CVzA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: vte60a36i15271u6i5v7210fc0n08boi

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F71
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

68ms
63ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NYn4jL1bSOvJZ7ExI3fhfYrRDK8urQcJYIy_b_KpFjpt_6CU8NLeiYNpaB-F5emlAKiYZ0AZUA63l-cxeU6vqKHCIRhg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-5Jh5ELjRV2HgyVOtdre1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NYn4jL1bSOvJZ7ExI3fhfYrRDK8urQcJYIy_b_KpFjpt_6CU8NLeiYNpaB-F5emlAKiYZ0AZUA63l-cxeU6vqKHCIRhg
date: Fri, 13 Jan 2023 16:19:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F71
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGqmBrdFx18gr5Yh9Dw6C9E&google_cver=1&google_push=AavPq0Pr7Y80JgHOhHNt7eQGSZ3vDC2xQuPUUsOejAFfJUQAQn-B2luNGoM4_TWlK3WTXNl-IHn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVUTY4Nk0tMUYtR1lQSw==&google_push=AavPq0Pr7Y80JgHOhHNt7eQGSZ3vDC2xQuPUUsOejAFfJUQAQn-B2luNGoM4_TWlK3WTXNl-IHnShKinFIhvaC41GB83k7wuOm0

170 B
188 B

65ms
65ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVUTY4Nk0tMUYtR1lQSw==&google_push=AavPq0Pr7Y80JgHOhHNt7eQGSZ3vDC2xQuPUUsOejAFfJUQAQn-B2luNGoM4_TWlK3WTXNl-IHnShKinFIhvaC41GB83k7wuOm0

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVUTY4Nk0tMUYtR1lQSw==&google_push=AavPq0Pr7Y80JgHOhHNt7eQGSZ3vDC2xQuPUUsOejAFfJUQAQn-B2luNGoM4_TWlK3WTXNl-IHnShKinFIhvaC41GB83k7wuOm0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F71
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPH8DsawGZXP-80SUQOb9yc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPH8DsawGZXP-80SUQOb9yc&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0P6fDizYgUnvdm_lGVT5fM-CD7oTT3SI...

170 B
188 B

63ms
63ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPH8DsawGZXP-80SUQOb9yc&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0P6fDizYgUnvdm_lGVT5fM-CD7oTT3SIX_Yx0K61EpRTZ_BAh9tb43SdkSgPgrWU3yCNa1LqYqoH10Jc5mFf6RFdqLIRQ

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ya5%2FucbrxwZhIESe7KY12qHAhVcS%2BSu0zRRzRspBczVL%2BWQ4dt5JEBHxM7%2FqvRlmuc%2BRrlnGpdAx%2B9SpNVq4skM4TMHmpalfbX6QuQiyFWymQAQHwc5PDkNF7pW52SER0iYDpOSUkf8q4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPH8DsawGZXP-80SUQOb9yc&google_hm=Y8GEmx-HD-w3G0u-Va-MlwAABKsAAAAB&google_nid=index&google_push=AavPq0P6fDizYgUnvdm_lGVT5fM-CD7oTT3SIX_Yx0K61EpRTZ_BAh9tb43SdkSgPgrWU3yCNa1LqYqoH10Jc5mFf6RFdqLIRQ
cache-control: no-cache
cf-ray: 788f746db9d9d393-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3F71 0
12 B 64ms
62ms Image
text/html 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6Q7gYzNwSnvYLZZ_Z20ZgO3o32QW8nx0Oi8fyTusMkTXZzBCVe3MSgaVVY3V_IHJgezlB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 16:19:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame C8F6 28 KB
28 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 429322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 17:04:17 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame AD54 36 KB
16 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2329404996570503&output=html&h=280&slotname=1382976475&adk=3599188105&adf=3923368445&pi=t.ma~as.1382976475&w=770&fwrn=1&fwrnh=100&lmt=1673626778&rafmt=1&format=770x280&url=https%3A%2F%2Fparticipant-v2.tirokdo.com%2F%3Fid_event%3D609742%26id_guest%3D5562646%26hash%3D92722142c7954e9c95ad62f607ef3536&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673626778676&bpp=10&bdt=2564&idt=-M&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbd56fc902eb24261-2233648242db0056%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g&gpic=UID%3D00000ba20f383217%3AT%3D1673626777%3ART%3D1673626777%3AS%3DALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ&prev_fmts=0x0%2C1600x1200&nras=2&correlator=8107816801218&frm=20&pv=1&ga_vid=1578197813.1673626777&ga_sid=1673626777&ga_hid=1506668597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=415&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C31071258%2C31071267&oid=2&pvsid=3765086891074473&tmod=1330511936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j8vHf0hJV1&p=https%3A//participant-v2.tirokdo.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8F6 42 B
64 B 138ms
137ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMNYmiB9QOVt74cncaWx4sof__iftSw5Uc1heYb0GNeyBt50Q2IqO68iiK-QawzkDw2xnD9irfUG_3H89c5e6HEE8mSMdUuhc7hgGGBspczqrzHrdoWdbEQQ7ByUw621wYhVRUZg&sai=AMfl-YSqGF8HH7JQDS9y6gQas3zFj7LEm9AKNM-u-WIxPc4YVf3ppIRZWFdtO9R3OSSkXVUFdKaUA5ZoHiYzM_UYxrqYtTrMDtRVA7Js62MAA5q4A7bxmtR1fzO6uq9BtPk&sig=Cg0ArKJSzPSO5bzDM-XMEAE&cid=CAQSPADq26N9tohvZQQuOdjJZGUczJEXfFV9xclAfaczeZoRSc5qiZ_XizdmExkwYMU3Q8gAorUtFmcg96As5hgBIBM&id=lidar2&mcvt=1000&p=0,0,280,770&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3599188105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673626778693&rpt=1163&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 16:19:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tirokdo.com/	1970-01-20 18:29:46	Name: _ga Value: GA1.2.1578197813.1673626777
.tirokdo.com/	1970-01-20 08:55:13	Name: _gid Value: GA1.2.483297925.1673626777
.tirokdo.com/	1970-01-20 08:53:46	Name: _gat Value: 1
.tirokdo.com/	1970-01-20 18:15:22	Name: __gads Value: ID=bd56fc902eb24261-2233648242db0056:T=1673626777:RT=1673626777:S=ALNI_Max1lB4PNXHVCJnRIAKap3vlKug0g
.tirokdo.com/	1970-01-20 18:15:22	Name: __gpi Value: UID=00000ba20f383217:T=1673626777:RT=1673626777:S=ALNI_Maqve27MRQ_lELcOlja52HyOJqqlQ
participant-v2.tirokdo.com/	1969-12-31 23:59:59	Name: PN_welcome Value: 1
participant-v2.tirokdo.com/	1969-12-31 23:59:59	Name: id_event Value: 609742
participant-v2.tirokdo.com/	1969-12-31 23:59:59	Name: id_guest Value: 5562646
participant-v2.tirokdo.com/	1969-12-31 23:59:59	Name: hash Value: 92722142c7954e9c95ad62f607ef3536
.pubmatic.com/	1970-01-20 08:55:13	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 17:39:22	Name: CMID Value: Y8GEmx.HD.w3G0u.Va.MlwAA
.casalemedia.com/	1970-01-20 11:03:22	Name: CMPS Value: 1195
.casalemedia.com/	1970-01-20 11:03:22	Name: CMPRO Value: 1195
.pubmatic.com/	1970-01-20 17:39:22	Name: KADUSERCOOKIE Value: FB9261E4-42E3-455D-8783-254EB5DADED6
.1rx.io/	1970-01-20 17:39:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-4c712d47-235f-4d7b-99c1-551ab2860954-003%22%7D
.doubleclick.net/	1970-01-20 18:15:22	Name: IDE Value: AHWqTUnKf77dWk_axoDES4WeORdV_3EzjMyNoD107_UmsH7_YfpNITNVCsY9UXX_2Tk
.targeting.unrulymedia.com/	1970-01-20 17:39:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-4c712d47-235f-4d7b-99c1-551ab2860954-003%22%7D
.tribalfusion.com/	1970-01-20 11:03:22	Name: ANON_ID Value: annseFoZdUQcR2Hp9vcghe3MjajAZdsrQpau4Ub7wDsknh2L0tZbcGVVqgQtZcIsBYQrrJ1RfU0IMBNWZbAMOPE5e
.rlcdn.com/	1970-01-20 17:39:22	Name: rlas3 Value: wuomjaq1TugaisMdh3onM4I4XDfFyB35r8ZSK0tTJ40=
.mookie1.com/	1970-01-20 18:22:34	Name: id Value: 10814127870009539572
.mookie1.com/	1970-01-20 18:22:34	Name: mdata Value: 1\|10814127870009539572\|1673626779860
.mookie1.com/	1970-01-20 18:22:34	Name: ov Value: 63f39d7cbd56ef8afffaa3b378a39be8
.openx.net/	1970-01-20 17:39:22	Name: i Value: 5cf76fc9-88fc-43c9-85d0-8da1b44e9c8b\|1673626779
.quantserve.com/	1970-01-20 11:03:22	Name: d Value: EDUBCQGFKIEA
.quantserve.com/	1970-01-20 18:24:01	Name: mc Value: 63c1849b-d578c-2d61b-5dad1
.rlcdn.com/	1970-01-20 10:20:10	Name: pxrc Value: CJuJhp4GEgUI6AcQABIGCOndKhAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.angularjs.org
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
match.adsrvr.org
odr.mookie1.com
oldy4rchtk.execute-api.eu-west-1.amazonaws.com
pagead2.googlesyndication.com
participant-v2.tirokdo.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagservices.com
www.gstatic.com
www.tirokdo.com
104.18.33.19
13.32.27.28
15.197.193.217
151.101.1.195
172.217.19.98
198.47.127.19
2001:4860:4802:34::178
213.19.147.44
2600:9000:206e:f400:1b:5138:8a40:93a1
2600:9000:20eb:7000:19:2400:a080:93a1
2600:9000:20eb:d200:13:b126:2dc0:93a1
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2003
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:806::2002
2a00:1450:400d:808::2001
2a00:1450:400d:80d::2003
2a00:1450:400d:80e::2002
2a02:fa8:8806:13::1400
34.98.67.61
35.227.252.103
35.244.174.68
69.173.144.138
00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d89ca305cfa497d094364bf3dced15ea28b08c50c1521f7d9f7e23bb7d8e9e9
1759dcd95a0bb122da78fca4ba49ba76979b01e4f8ff51f4e360a2ed1fa0b509
20ec55e764f09d132a679b2aa4ef98a9256b58b7a1a79f70dfec5e901160de75
27183e0b6ed9ec33af9695a549b8e19e632e66fc0e5329b545fef8a930b73755
2978ad61291e6a17274af669d2e198ecadc08e2d4ea1b62a510a82d8d834e57a
2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324098cd006251aa4aad91eac08e73ab2025f1bc74c7d51db58210f5be9d39f8
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
39712a70d045a2e1bc302d5d7da568c78b1aeb6f3e71adb0dce34e0a50a801e7
39e4bb012c5448fbb3a989de736d318228ffa017956f80df3dec995f83b57928
3a40300f61db5bf58d58cf64fab710a27a53c9bf9c747052b370332c25beac8c
3d8e8dcd10159b2b88aa5f71bf758df8155345b2413d88f276344a1195a617cf
3f320e834a5ac2fa9197a7cb579617a2e711bfa2be4e37b4a816f17591a6e788
3ff0b19df0736040a67b1cca9285bcd50d10a36bab6121c4de8831d5fef6a3d2
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
43eed40cfba1b5f68f951aad181aeedc9ca9c307f76e396b600afaa325535676
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11
48cf0d9151e5339e93e4e03c47a06058759d89f8d859853ceeca3b985b7125e3
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c8bfd3d161bdb7aeb6912eee0dd4d4df53e93c2277a0ce856a3ea20888d857d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e85937bf50e734ff73f1d8b92e1a1a0d35a600963e5314e4564fa8e279092ac
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f76b0b684536fbea8ae9ae7177607e81a261407916e9a86e063b02948e9adc
59391e6f90191d7fec0da706486885dcd5f7f07bd085fbf4535ba29400e4b177
59c224307f8e3fa50195cedc74738dc36619c267224f36e5bc814155377c9ca7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b902e4a791a0400b23a9fc4ce9e27a6cab7dc1281e30b5744668ab4cae29f2
6669cdde2766105a9f79aea00a979ec749fddd8c0311f6e6a25b0adc6e7fdab1
6b0a1032f00791c69da6e5fa421e1af4ff727cf274063b8fa3805756dde6da07
6cf790660666a6437f33b5230d5b09a488f45a1f72cea06bf949f94562ded557
6f936f9af51ccabd30a4138b9cd6da587e73290022be18fcc8c6217d712e9900
71a31961a9189a38bc4d1be0bd850cc36ef292beb45ffbfdd6e3ecda94b9af0e
7d150dff7fc28d3d83ed1b934aefcacfb43e3d15164689af950a56cbfa3ae36e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a520bca2718d9597efe3bc2f8b6b55776613f9455e89d2d0ce84416526b66ed
8b5f43a98e4a9b8d03d599594db018b3df4e3681eadb1ddcf7d21c0d13ae3ff4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f74d253590b2cd163a6e6e375064892d0ac8cf69ee95f58c2d25fbefcfbb937
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e77bd9c5943d378cd99a57d0d3f4db39d570a8a5ba2584d5a5f02dacdfbf6d5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1
a2e90901d3e4dd32ea589f71d57ae25b1378a7c1d9f1b1ee6e89b1001c1692f5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65d8f1ffb557eb817d138e40980f4c044c9efc02dca7ef829f755f9fc936254
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab596d6a0463ab1c7e511fd41921dcac57a186d3cd620373ec4cffa5015d5c1d
ad5c68e41f16eb6f5d231ff74ba60ce8e124c8d961a5fd25e68da666e479923f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe294f841b0f14f50e088ff7736c6ccf28db4e8dc49824982d5852ad1a154b8
b3f93908aade7a1148b99761ab3cd4fcb9ac81842c8e8aebeaa84b434e82cc1d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b84d4c2cc8e2877724337d7795298df67593d31e750269b330907fa8a6586da5
b99715e16ba90070028ae11d63ef87fc590509b55d05297c4a7654081c3ae726
bb66ad84fc352cc5d1f56c7fee9b799782edca2ac472644210f65db4b96d009a
bbcc5b3cbeac3710b46105710a69523cacb65b4b9d721ada66e00577c7acb1b8
bc8aca120bd0d8aa23be5d5e089a4c2d39b709f9b9465ee914d47455ce3d0dd0
c170d15f29069227a3dca1cd045042ceb3c3ae3c5dd6d9348f4172b27f6fa298
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288
c917f972a0eb0666de5977a0bddc34945c791a62b4d0729c0ea334b2356c8d19
cb11fa806ce24799e9665db35126edbe59cf16bf70a0b18ba93566aad8a36cb1
cc9f474975b583cb47260de0c13ee5d287a645e1f997529b30b3eab1e49fa29e
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
dbc4bf521d3b021941f93c3a053464f1155fc4c93795cc4a5a924e8f3932f4e2
dca2e8dea78e248e0f1c19ad5f258419185293f7f08966730feb692ef11991f1
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea446350a3a4fbeaa3cd46f59e18cb49070a4601180186442e2fe5baf9c81cf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6ed8f53cf929523126d73e4d21b0f24f457404364dc7e5eca303f4d67d88091
f9bbc88b96a03335240bf444ab44b1f34118058b46fc5fa136d173840e54ba41
f9feba72f869d5a3f1b35197569fe25b3d7a871019dbb40cabaec79dfaebae39
fc8cd83688118571112263808d50a1b46cf2628c75521f0c3cfa426fc9a1415e

participant-v2.tirokdo.com Open in urlscan Pro 2600:9000:20eb:7000:19:2400:a080:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

92 %HTTPS

66 %IPv6

26 Domains

35 Subdomains

25 IPs

7 Countries

2080 kBTransfer

4495 kBSize

26 Cookies

5 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

participant-v2.tirokdo.com Open in urlscan Pro
2600:9000:20eb:7000:19:2400:a080:93a1 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

92 %
HTTPS

66 %
IPv6

26
Domains

35
Subdomains

25
IPs

7
Countries

2080 kB
Transfer

4495 kB
Size

26
Cookies

130 HTTP transactions
8 data transactions