dudasbecasmec.net Open in urlscan Pro
51.254.44.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dudasbecasmec.net/
Effective URL:
https://dudasbecasmec.net/
Submission Tags: falconsandbox
Submission: On July 24 via api (July 24th 2023, 6:51:36 pm UTC) from US — Scanned from FR

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 9 domains to perform 106 HTTP transactions. The main IP is 51.254.44.144, located in France and belongs to OVH, FR. The main domain is dudasbecasmec.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 22nd 2023. Valid for: 3 months.

This is the only time dudasbecasmec.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	51.254.44.144 51.254.44.144	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4008:c00::5e	15169 (GOOGLE) (GOOGLE)
2	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:401f:6::9	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
106	14

30 51.254.44.144 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: host.seobarcelona.org

dudasbecasmec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4008:c00::5e (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:401f:6::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-aigzrn76.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	414 KB
30	dudasbecasmec.net 1 redirects dudasbecasmec.net	342 KB
17	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	158 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 bid.g.doubleclick.net — Cisco Umbrella Rank: 743	151 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82 imasdk.googleapis.com — Cisco Umbrella Rank: 510	267 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1160 r4---sn-aigzrn76.c.2mdn.net — Cisco Umbrella Rank: 197791	3 MB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1178	463 B
106	9

	Domain	Requested by
30	dudasbecasmec.net	1 redirects dudasbecasmec.net
16	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	dudasbecasmec.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com dudasbecasmec.net googleads.g.doubleclick.net
8	csi.gstatic.com	imasdk.googleapis.com
6	fonts.gstatic.com	fonts.googleapis.com
4	r4---sn-aigzrn76.c.2mdn.net	dudasbecasmec.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	dudasbecasmec.net googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
106	15

This site contains no links.

Subject Issuer	Validity	Valid
dudasbecasmec.net cPanel, Inc. Certification Authority	`2023-05-22` - `2023-08-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-07-11` - `2023-09-19`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://dudasbecasmec.net/
Frame ID: 9BD4CF5B0BA5880F101645FA7DCDE1EE
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: A2F39E53769CE7CF6BDFD76AE76D8B4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&adk=318159125&adf=2184669829&lmt=1690224692&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fdudasbecasmec.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692315&bpp=6&bdt=333&idt=224&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7560411078779&frm=20&pv=2&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: C43EC02B8E81FACC0C50835A8A02140A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=1183378421&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692321&bpp=2&bdt=339&idt=247&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DCPc1ZWToL&p=https%3A//dudasbecasmec.net&dtd=252
Frame ID: F4022C6A4A41D51526092D6202DB11FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3950792817&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692323&bpp=1&bdt=340&idt=283&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yK800UTUu8&p=https%3A//dudasbecasmec.net&dtd=287
Frame ID: 84D633449D19B469BE4D916C4D90E32A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=71616312&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692324&bpp=1&bdt=342&idt=291&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsCdhJIoeS&p=https%3A//dudasbecasmec.net&dtd=295
Frame ID: F452F07B8B3ADA87EE3F23CDF5EA5919
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3556442258&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692325&bpp=1&bdt=343&idt=299&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6ALbxWo8ED&p=https%3A//dudasbecasmec.net&dtd=303
Frame ID: 911FD7A6F7431499EF38360B5261709C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3025478643&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692325&bpp=1&bdt=342&idt=309&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=3311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=TpZrgUYl09&p=https%3A//dudasbecasmec.net&dtd=312
Frame ID: A87926D3D2041F9133F2E87F60953CA4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=3898532148&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692326&bpp=1&bdt=343&idt=315&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=4477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=9EeeAjhGYF&p=https%3A//dudasbecasmec.net&dtd=318
Frame ID: 0477568B19AF5C49CB44A2FD219124E1
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4C4B898B33883AB9FA6D6C68A556D906
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: CFB35A8C78A89A2396A37796838B9D6A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3D76427D1CBB6C3C342F2B48E4E0C673
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: AA783E50CB06DD42F5D0C08B10B7766B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B65765B757ADA860C841777B48F2CCFA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js
Frame ID: 1700DCFB656D868EE0483B70FFAB6BEA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7BE977142236FC618C1D56F7943384A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B4AE08C3065487EBCD67B9E0C1B0157B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dudas Becas MEC 2023 - Foro y dudas

Page URL History Show full URLs

http://dudasbecasmec.net/ HTTP 301
https://dudasbecasmec.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

106
Requests

98 %
HTTPS

86 %
IPv6

9
Domains

15
Subdomains

14
IPs

5
Countries

4667 kB
Transfer

6758 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dudasbecasmec.net/ HTTP 301
https://dudasbecasmec.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://gcdn.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/435E9748742F1394A6D9CBFA3C5E8DBBC5E9435B.B19A9AB83E11170C8DF3B7EBBD3860C234F6B781/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/261D508197F055F7747BC7A12E15892A78D7EDC7.71066518C57BFA361D5053F261A4D15FA37BB4EB/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4

Request Chain 73

https://gcdn.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/715E133699CFBE04AAC87C1266E80902F9A72F0D.1CFC8D01688AAE1A9745E4923700A215088D7A39/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13190349142A5548D3FB5766C2379A53B3CB271B.5CED959D1E3452BE70E887192860301E5EC6FB3F/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dudasbecasmec.net/
Redirect Chain

http://dudasbecasmec.net/
https://dudasbecasmec.net/

115 KB
17 KB

568ms
529ms

Document
text/html

51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: c175cfa9d59788aee3a8875516876e19adf6415929216c2dd0dc2d492fdb0c46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 24 Jul 2023 18:51:31 GMT
link: <https://dudasbecasmec.net/wp-json/>; rel="https://api.w.org/" <https://dudasbecasmec.net/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json" <https://dudasbecasmec.net/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Mon, 24 Jul 2023 18:51:31 GMT
location: https://dudasbecasmec.net/
server: LiteSpeed

GET
H2 200 style.min.css
dudasbecasmec.net/wp-includes/css/dist/block-library/ 95 KB
12 KB 24ms
18ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 07:48:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11775
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 classic-themes.min.css
dudasbecasmec.net/wp-includes/css/ 291 B
321 B 24ms
18ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-includes/css/classic-themes.min.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Mon, 17 Apr 2023 07:48:24 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 291
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 admin-bar.css
dudasbecasmec.net/wp-content/plugins/anti-spam/assets/css/ 1 KB
445 B 24ms
19ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/plugins/anti-spam/assets/css/admin-bar.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 144a5317c57fbfa1b8ab0279f3a4472b62e4fcb2c8db14250dcb0ef729422aec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 07:47:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 389
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 style.css
dudasbecasmec.net/wp-content/themes/mts_schema/ 34 KB
8 KB 37ms
32ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/style.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: d6224471e9fd5710e95059dc11c4faa453bac9893d260fd20c255dedd452bdea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 10:24:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8009
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 responsive.css
dudasbecasmec.net/wp-content/themes/mts_schema/css/ 12 KB
2 KB 35ms
30ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/css/responsive.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 9c930d4d90c868ceaed45ceeae7207389fde3f55071558f51a3aa3db46cc610f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Fri, 14 Dec 2018 16:13:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2393
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 font-awesome.min.css
dudasbecasmec.net/wp-content/themes/mts_schema/css/ 30 KB
7 KB 36ms
31ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/css/font-awesome.min.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Fri, 14 Dec 2018 16:13:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6636
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 jquery.min.js Show response
dudasbecasmec.net/wp-includes/js/jquery/ 88 KB
30 KB 35ms
31ms Script
application/javascript 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-includes/js/jquery/jquery.min.js
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 07:48:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30376
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 jquery-migrate.min.js Show response
dudasbecasmec.net/wp-includes/js/jquery/ 13 KB
5 KB 23ms
20ms Script
application/javascript 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 07:48:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4603
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 customscript.js Show response
dudasbecasmec.net/wp-content/themes/mts_schema/js/ 8 KB
2 KB 19ms
18ms Script
application/javascript 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/js/customscript.js
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 80d96f20d9bd725cc314b80c9966cad13d32c6664abf3eea1a9f86842b7d5e5b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Fri, 14 Dec 2018 16:13:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2334
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 104ms
35ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

067cd0c0a2fb243e9f0e9a507c062d7f92892ffd6b6e902efef05d07148ec055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 18:51:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 18:51:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 160ms
96ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c81cf615e28eb50e455099fb1ab62210877d4fad703ead9d0f05b0bf2be44eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50961
x-xss-protection: 0
server: cafe
etag: 12712730251368369250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 18:51:32 GMT

GET
H3 200 dudas-becas-mec.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 14 KB
14 KB 27ms
25ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/dudas-becas-mec.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 74ca31818d9864138e6877765db5fec0cfced55df507025c113e34142c2178b0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Fri, 14 Dec 2018 16:18:47 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13824
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 mec-300x55.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 19 KB
19 KB 19ms
18ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/mec-300x55.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 7f82c1b6643d032c38319a1098bb41c138e6de7e138b7eaff9aa73d9ab9f6ed5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Wed, 19 Dec 2018 11:01:15 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19483
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 umbrales.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 5 KB
5 KB 32ms
31ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/umbrales.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 571156b6ccfa7700d23d49129bb2c1a2a328ddd4b3a01ff14f646b0d94f5e7aa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Sun, 23 Dec 2018 21:51:33 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5262
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 tramites.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 2 KB
2 KB 26ms
25ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/tramites.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 336e034338576edb2e49f967559810740f82de3003bf124f5c490451cd415d32

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Sun, 23 Dec 2018 21:55:48 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1678
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 calculadora.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 2 KB
2 KB 25ms
23ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/calculadora.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: d8b4606d9a74ced5729bc14061d47021c7ba2ed69d813100f41d4f19c6acaa61

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Sun, 23 Dec 2018 22:21:39 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1574
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 requisitos.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 2 KB
2 KB 26ms
24ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/requisitos.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 7bad84a1cd727986dfcb22426d0b4d3889f727d52e9351c8bbcf94a71fb67f73

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Sun, 23 Dec 2018 22:32:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2287
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 notificaciones.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 2 KB
2 KB 26ms
24ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/notificaciones.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 0be6b3c2792267329eb60a1647f57e623ab2367005ca1236515a9614ee2cecb0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Sun, 23 Dec 2018 23:01:52 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2221
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 consultar-estado-becas.png
dudasbecasmec.net/wp-content/uploads/ 2 KB
2 KB 33ms
32ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/consultar-estado-becas.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: d87aef3917a53cc602c6ce9acc1689836c84fb9fe3aa9b6033f6fe6f5ad183f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Wed, 06 Feb 2019 09:16:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1941
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 beca-no-universitaria.png
dudasbecasmec.net/wp-content/uploads/2018/12/ 2 KB
2 KB 33ms
31ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/2018/12/beca-no-universitaria.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 61411205b331a61449d5cdd88c4ce42581c9cf5720cae727145e5564528fdd46

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Mon, 24 Dec 2018 09:33:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2298
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 beca-universitaria.png
dudasbecasmec.net/wp-content/uploads/ 4 KB
4 KB 29ms
27ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/uploads/beca-universitaria.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 009b26ec1ddcf513dc03e2137356d0104f75d9d7f0f5aa1a470d948885c05f95

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Mon, 24 Dec 2018 09:49:47 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4443
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 shortcodes.css
dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
7 KB 15ms
15ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 10:09:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7343
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 icons.css
dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/ 37 KB
8 KB 15ms
15ms Stylesheet
text/css 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 10:09:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8260
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 anti-spam.js Show response
dudasbecasmec.net/wp-content/plugins/anti-spam/assets/js/ 1 KB
485 B 15ms
15ms Script
application/javascript 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/plugins/anti-spam/assets/js/anti-spam.js
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: e2b35f4f89b2af4cd305612acdcf1c63644583c10f78a8842a316f84b8b99e8c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 07:47:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 440
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 comment-reply.min.js Show response
dudasbecasmec.net/wp-includes/js/ 3 KB
1 KB 15ms
15ms Script
application/javascript 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-includes/js/comment-reply.min.js
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 04:14:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 wp-emoji-release.min.js Show response
dudasbecasmec.net/wp-includes/js/ 18 KB
5 KB 27ms
26ms Script
application/javascript 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 07:48:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 nobg.png
dudasbecasmec.net/wp-content/themes/mts_schema/images/ 68 B
110 B 50ms
49ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/images/nobg.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Fri, 14 Dec 2018 16:13:12 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 68
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H3 200 style-soft.png
dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/images/styles/ 101 B
120 B 49ms
49ms Image
image/png 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/images/styles/style-soft.png
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: b09f4dceb06ef851d872beee0448884a640da11d624bfed3c02e695bec415729

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Wed, 12 Jul 2023 10:09:48 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 101
expires: Mon, 31 Jul 2023 18:51:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 110ms
52ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dudasbecasmec.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 03:19:22 GMT
x-content-type-options: nosniff
age: 487930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 03:19:22 GMT

GET
H3 200 fontawesome-webfont.woff2
dudasbecasmec.net/wp-content/themes/mts_schema/fonts/ 75 KB
75 KB 23ms
22ms Font
font/woff2 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/wp-content/themes/mts_schema/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://dudasbecasmec.net/wp-content/themes/mts_schema/css/font-awesome.min.css
Origin: https://dudasbecasmec.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Fri, 14 Dec 2018 16:13:12 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 77160
content-type: font/woff2

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ 34 KB
34 KB 81ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dudasbecasmec.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:31:14 GMT
x-content-type-options: nosniff
age: 192018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34432
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 13:31:14 GMT

GET
H3 200 forkawesome-webfont.woff2
dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 107 KB
107 KB 19ms
19ms Font
font/woff2 51.254.44.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by: Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 51.254.44.144 , France, ASN16276 (OVH, FR),
Reverse DNS: host.seobarcelona.org
Software: LiteSpeed /
Resource Hash: 8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer: https://dudasbecasmec.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin: https://dudasbecasmec.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
last-modified: Wed, 12 Jul 2023 10:09:48 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 109916
content-type: font/woff2

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/ 360 KB
123 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4613056743218913&plah=dudasbecasmec.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21ee22171895c6a78934017d624d8729e1a1641a71fc76caa34083b202ff3f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126184
x-xss-protection: 0
server: cafe
etag: 6715014684613557402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 18:51:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame A2F3 10 KB
5 KB 87ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 29155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 10:45:37 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 10:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
463 B 60ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dudasbecasmec.net&callback=_gfp_s_&client=ca-pub-4613056743218913

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4613056743218913&plah=dudasbecasmec.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9878829abe8f9e3995c84c30b61ef664b69565a10515cae45461110721b62719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C43E 186 KB
51 KB 1769ms
1768ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&adk=318159125&adf=2184669829&lmt=1690224692&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fdudasbecasmec.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692315&bpp=6&bdt=333&idt=224&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7560411078779&frm=20&pv=2&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58ac5cd71e7cc587b01bd9c3044e29d633286e082f20d63391b6d33505df6ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51906
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:34 GMT
expires: Mon, 24 Jul 2023 18:51:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F402 436 B
426 B 1222ms
1222ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=1183378421&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692321&bpp=2&bdt=339&idt=247&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DCPc1ZWToL&p=https%3A//dudasbecasmec.net&dtd=252

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb57c092ec92360acfd79752bd43a42d2ef0f1663388c8fe005b9e2ad8ffea5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:33 GMT
expires: Mon, 24 Jul 2023 18:51:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84D6 436 B
234 B 896ms
895ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3950792817&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692323&bpp=1&bdt=340&idt=283&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yK800UTUu8&p=https%3A//dudasbecasmec.net&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e382572afe26191e47c32a55fe7c19685c3fd6e7c9c8a7898360c00c32f96ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:33 GMT
expires: Mon, 24 Jul 2023 18:51:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F452 436 B
236 B 315ms
314ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=71616312&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692324&bpp=1&bdt=342&idt=291&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=1515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsCdhJIoeS&p=https%3A//dudasbecasmec.net&dtd=295

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8165504ba0b5c682d0afcf77fdf53cff4ff004b8500d8ef327a85c899c115a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:32 GMT
expires: Mon, 24 Jul 2023 18:51:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 911F 436 B
236 B 201ms
200ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3556442258&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692325&bpp=1&bdt=343&idt=299&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=2418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6ALbxWo8ED&p=https%3A//dudasbecasmec.net&dtd=303

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3036d99c28f30426dc380fad78d058d3f07add392c86ed4a7ded87f5d6a2749a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:32 GMT
expires: Mon, 24 Jul 2023 18:51:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A879 88 KB
28 KB 379ms
379ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3025478643&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692325&bpp=1&bdt=342&idt=309&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=3311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=TpZrgUYl09&p=https%3A//dudasbecasmec.net&dtd=312

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d1dd722ef5401134e25d1d8dbe1dfd0d418c135d6602573cf1deff32bf5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:32 GMT
expires: Mon, 24 Jul 2023 18:51:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0477 89 KB
28 KB 261ms
261ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=3898532148&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692326&bpp=1&bdt=343&idt=315&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=4477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=9EeeAjhGYF&p=https%3A//dudasbecasmec.net&dtd=318

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81c587dca31a026a61fd2b42b8e43d02baea731f281a7faabd987c8306b2dd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:32 GMT
expires: Mon, 24 Jul 2023 18:51:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 0477 23 KB
9 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=3898532148&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692326&bpp=1&bdt=343&idt=315&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=4477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=9EeeAjhGYF&p=https%3A//dudasbecasmec.net&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0477 8 KB
823 B 36ms
34ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 18:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 18:25:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 18:51:32 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 0477 15 KB
3 KB 110ms
25ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 0477 375 KB
129 KB 110ms
25ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131779
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0477 20 KB
9 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame A879 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3025478643&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692325&bpp=1&bdt=342&idt=309&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=3311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=TpZrgUYl09&p=https%3A//dudasbecasmec.net&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A879 8 KB
750 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 18:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 18:20:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 18:51:33 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame A879 15 KB
3 KB 64ms
63ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame A879 375 KB
129 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131779
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame A879 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0477 0
225 B 848ms
280ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lkh853zn&c=4568682928936&slotId=2284341464468&qqid=CODql9OBqIADFZlTwgodOlUMuQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0477 15 KB
16 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 179238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0477 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 228066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0477 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CT3lfNMi-ZOCAKpmniQa6qrHIC-ThkKRxjauc8rwRr9uivcABEAEg-5OpLWD7AcgBBakCbJQiOZbPpD6oAwHIA5sEqgSOAk_QLamjjpKWBGAUFGz-sOsHUGHyydgg4yCdxqKoZSz60yoK8jGNleE4p9jFQFTA6yixaKyLLPALHtamCtXku8VUfN29quskNHxryeWhMKEFyqfVUX_2wInbMPvdme_MdoAOE4oNASIsZP16VOVMs5lYHOFouCL6FxfBkWKYla7YAm7LpIU40bm2uQdpoJZWaAOzTEpShkU5AbZavm0yfR4Ly-p9Xz4rCqklckLgke1M2QZ4Wv0EEIo7ToqSSdpEf62riNKCkujQ92_CUiVouBkLv4cjTmAgCWur4CBNdcE0PqDCDaynNGz39BSV9zmgOfJBg9oLdzXkpp4TeUFs-0pAutAD4dKAiQ_AbHXFSMAE3ZLe_KoE4AQDkAYBoAZ2gAf1mZvCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBOg6IoUyBP4zKDjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1690224693121&ai=CT3lfNMi-ZOCAKpmniQa6qrHIC-ThkKRxjauc8rwRr9uivcABEAEg-5OpLWD7AcgBBakCbJQiOZbPpD6oAwHIA5sEqgSOAk_QLamjjpKWBGAUFGz-sOsHUGHyydgg4yCdxqKoZSz60yoK8jGNleE4p9jFQFTA6yixaKyLLPALHtamCtXku8VUfN29quskNHxryeWhMKEFyqfVUX_2wInbMPvdme_MdoAOE4oNASIsZP16VOVMs5lYHOFouCL6FxfBkWKYla7YAm7LpIU40bm2uQdpoJZWaAOzTEpShkU5AbZavm0yfR4Ly-p9Xz4rCqklckLgke1M2QZ4Wv0EEIo7ToqSSdpEf62riNKCkujQ92_CUiVouBkLv4cjTmAgCWur4CBNdcE0PqDCDaynNGz39BSV9zmgOfJBg9oLdzXkpp4TeUFs-0pAutAD4dKAiQ_AbHXFSMAE3ZLe_KoE4AQDkAYBoAZ2gAf1mZvCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBOg6IoUyBP4zKDjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0477 0
45 B 830ms
282ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lkh85403&c=4568682928936&slotId=2284341464468&qqid=CODql9OBqIADFZlTwgodOlUMuQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.dq&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0477 30 KB
17 KB 114ms
61ms XHR
text/xml 64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AsKmoAqKRWARNXa-WolFcWDFujs4veo18y147b5hccQCK1C6UEA5ivD-D6QxpDyN2kjCIzzglI8E9BJIVbuKNgXqcS7g&cry=1&dbm_d=AKAmf-CTzOerNuW0-K5qjgb7N-QJ5kGSjpjmrGKobCNnmyN-U2SYZd4ujauTFkJq92UbOeeoOrr4zxULZix8wlhF5cLcFCWP8Iq1bJ1KJanuhL0jMy_KegWl7VvjlvuHeZ_Ans_xJWh3iK-HkZVgB3rvnvNczXl5Oisru_WkRZmJ5ymX5Z17cfmxvwO6iKKxnR0A-N3wozruki9dJbfchuNaGFbUXzzMpVdGZrPBO9w-pY6-I2TUQRLhRtHLjUFOvFj7USuvalGxQ8SwC44hNwQq3P4TfevlLMxCmqRFeoo3JRUai1PHgYf08Kum5RYe3yc1WFFGdNzbWkV1_yjKSNykV_GMS_HOT3bTg0SQWUDWT8NJHUrBlaI1TpXsR-Be-EhW4WoBsS6_JKnN9Ri5fdvqSw3ee3cY7l_8MrkV_DahYNYSib0VuLp3ARDxNRyDzUWw50UrxmasOj78AWTii1IgxuCDMQS013Pws2nisFgcmHLMmSXRNppylGr32A-xRmf2suZhQloa_P6Li7ZJTKYg_WvQJ8NpxzkbOw87pzbS5wtawOdO1svURW72g1-maGobwEae0nh8FkYROSYCd9y6OoUrhHz78QHoiKoD82-ax_n9FsGkqtkrdKpNPsZ-X7QLZjLuK8oMoKSyEx2QVxbki98RrBVLHuX3Y2UvxJr17d40RucDEYRjU2dZoT0-137zzjjngj9gHnVRmzrD-nQiWcbMxt0mzA0uDKb112M374ZPaysuO1jL9I25PFIuIfueixSjcr5UtHU5x_sLzDC8g77tHMcgpKyqEaO5IlFDbbRxOU_j9MwJLGZ3mssXZVhGbePSl2cD_z960IU1mPQ6ngARyqqwXcmrbjM_RvtZoZKw_adn7F3bbOhceRqjReUWPZ8F5Vl5iQtAkthK0OwEtRQH8TXGy25MibrzkQRXeaNKmUa1VuykNtQFcdi2sYxbHax0TTYmFsAcWxUbr7bH9BuVHFvB4E5a-bJplOo2Mds2IfLJ-lJTuBAmnLjOXPWWq293u5EdnRic-OEGC1-wv0zP3jjys831xfBqCqvZS8A1fvkTg00wMV5_h2hq_qnZ8u3qdw2twmDYAI8NIE8IIjLrSSIhn1qNwLWsuoq31uv-asTWDEqaoQUopLrNwmsIqKRncrssze5W-niMQfk_wDoCI3PPgr5u9WGt1aC2iKP8IzHZfEA6yZuKTQpYcPj5Zq8nN-t1rHP4UNdwj6m_LyWgJ-GpmsFoElMxG77U3Nho6KNnNkpZjELfn97aF9cl3h8fHuqroCHTvJOoaBk28rru0RyCMHYS5E7PkkV7aNflXfZvftby0-wbADBg8pbjQ9Ihtey2vFlyDbO2LRYbBS_hiOs5UGq88C_jQtBavrzcJUHJlth0R6SeDyeJ5de5vYfFW4Uju3r6sHORyf-pBQjJy2YCx4cixa7TSfI0DsXuG04CjDlb9mUQoyl37p_SJOnFHgdbygktDVF5pjxgaliFdh7oDJG5z6yvV0nsMlGdPv1dLft_ykgMeTe7EKRAKinAZSi4QrhdVRnuFMPXwQ5OE6nJbvY1n5HaUGCighbFO8nrypBgFV7txDpvB_ioJjI5iKuviPUdndO5BCfF2FKR-unuuNT4ApFpdi43KiSufE2GZeFFh2BeQRcG0_WIekP0PvSvLaRJapIuydNNQ85548eehNDSb5Nio5_TBZNkps_j8t6wZgXCOweNAGLamV6jY0U5u9VoVn73o6UDaiaOf5mhWWz3PIjPFaGUZFbMDgMta-DKBlzyGNbhpZ4QnL6DDGh_XYC5owdgHNY6ltxRBkbf5KOzaxUyNwFfB6jHo114GzjqGPtwxm6QzbKt94qGuklHWfPYF61MDWHsIfLVm8PEiZYfyaMoMRT32tXDyAPTNWIDFK9vcQuVF6Lno0nbSWpJFrJTj4ltTx321Jlow7hvPVN2RMDfyW_IPfZ8BBuDBBG3pshtiOdpUz5p8xmrFICSXQvUFWbSvLw-i_YBeYAH0Wc1F2ew3LxI9QcvX4_FxLDMY2ZS2nWSwcjYWMqGwG5ABxMLIuFtiXy83LWZZr6kQ3JV2VN4Fc0tteoK-Cwmaa5kXOx85-hMKtqLjoSwYODb8Z5aX3Q__yknBKTCL3Hta2It3iUl9r6TICPE8GlKzJolPl396POurplC-v7_GjH-zz1DvSvj1hQP-U9hV0OmiaL_e3BcqjpSC6AwAqfSmX9JHA1CO2Am6Zc6LxHRS0s1HACQd1DG_bcanlzjzDvZ9LvNTDok-8_PJreL5vy22Xmn-ZZbncuF25DgfMyx3b2Brh76uDsNyuUKtpGYBqYsKtGvzCUbVaEACgn6fIY-vC6KQv-e1YcwQpWQWqmAopZeG8YnRGSVcBxzAOr9bQ2A8BBzc6yuWLl-znx0xM1DbOj_6DfpuEsEnBKwULbQJ0ecWTRHRBd7r8Qzd65_pkj_ytW7-H-oOMqey0X4dVVhaI1vgQZ60vCZw5D2bRQM8F9gM0PGQHgXB65M8_sFq_X87o8AS1lXUJ2JU01eFIrjSXfTzkWU62s-TWsL8O2Zs7iWs0AwVTS1tPliuCMDEQO21iiovBbDjmUtYPHoVdDw2_ofuZ73xcDvF3oKmlio1X2dNur8qIT4s_4HKDe3YUeOA2WLp0X4jbgj8kZXd84jSU1-lW1XNZ4NtRYjHfmCXmcmaLOzwRJYYHIjWA1WQo2Zjg3-0lQwucrVRx-92naF4N9Uha58UVVlqbCAFfT3Ug7VOqIcdykHRGYtrJpPxti3Akn2-5jrKsdZtEsxtk9zprKeFCOUx34Zk58bpQ0fJez_D0M13C84yAUTDDkc1XJzRounQsvJfJvEM_Cl3_FdcbI9mj0yIJM_BMj2iLT9cXDQSOyDGKlXPudMsxXraY-j7pCMNRW9S_ZjX8X6HU0-MaOWjRmL6lmG2F0qBBUemzzz-BwliudWJm4PH1g4BpPDErPwXGOKHKfYWWwMYf5EWSpZ-oHcEaI5XoyrjY55klQ4gjP-q_lWnmp3TZbquxhAzVw7qzGRBdJaenmxDRmlfz0X1RGYgKm6D-L3r1nuVKZ-xtKBiAXfnQ1xV-tb77lz0bU4t2wZpq_b6R2yJ8wqOHEfLZ_4-wOsDTI76qLyvgX4HP38WQRVp-sMRe3jX5Stz3p-wG8E5ZXFogbPZnhYK-kIWdse4fp-v20PZOT2v-JXc2wRrZbjq9Ix0A8OygRWWOtDZGmS-ai-eHVndbieGGylVlL44tYmuI5-KOx02leho59FSEKbOafBJlMCQqr3_MMRkp2viH-yeg2kpA2l0CQ3T-5NssPT2jCd07rmxQxukOmEHCZN45BRJ-RgeUaJ0khdRrsQFsgBzNhLdr6uHW7EkEQMxr7eDBY822cgg-URkLjPKFOQUt4XmOu4O1FYSJIoTW2vDwYKhFyictIYvPQ3eBIwxCqm1XW_z3rOTqfSI3n7RJR2CEITMHJN4DQ107iBldcwTFGtM8COwOuP0O6m9w7wEzO_BK6p1q3CGPi9Rhxl4Szjy5zNf2tT3pcdJp_TiDoM5DDuTIl1cAhxsOr5xiLynjsSAJ-5ePxecm3sHbQ3Db3Rn1mbAOdDfs3ihXUFbSDK4LW_TxqOXQjTCPedn4X-rqipz-yZE22nnz0klP20yGCpBH5iRO7smX-hMlUv7b4xGrbF111zLHowpKc&cid=CAQSTABpAlJWwTVEYCZks3MuXleLYqgENPjRYaoruhehuj28EuNlBabtCI-14G5caModRX7T4r7aM96tE-MU_n19isVbXylH_x7vscwvJfkYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

cafe /

Resource Hash

abba89ff1fb0b07e06927acf2971032412ad34eb9db7988c8d43ac03f8d31983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16736
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A879 0
45 B 812ms
281ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lkh8540t&c=8084704225868&slotId=4042352112934&qqid=CKuvl9OBqIADFStIwgodxlABDw&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A879 15 KB
16 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 179238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A879 15 KB
15 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 228066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A879 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CXb9ONMi-ZKvFKauQiQbGoYV45OGQpHGNq5zyvBGv26K9wAEQASD7k6ktYPsByAEFqQJslCI5ls-kPqgDAcgDmwSqBI4CT9Cm6ed_-ZMMg8uuc9aGroUo9deJ6hudnbTSqUesWrAkTjtivkmZ6lcY0TyXnlmZRUvCQaoCqJe6Ro_qX5wqs3cM9U5_MwS5dbmkegWhlKgU9qCPvegGcSCfrsiPyuSjPCEETiKoWzn4mg_owor42-b7o--v3hoSTIVtJZcH3MlrmumK0O75M3s12BwZOPokBaTx-cXim3mjLe39uqxmxKbWOpo28Byq-ZMm6DaDK4F1xpMKtjLusQES6-h9iBwagiTiWrNgE59Za2VjJ0c7Tl1ISbHx6cW2NAsm_3NLdWy7MhHsoBOu0kukGd_eYAkXJ8x6D8Zfnk9e3eYDsmhwLiivvPNKZhiggCY21VfwwATdkt78qgTgBAOQBgGgBnaAB_WZm8IBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGwE6DoihTIE_jMoOMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1690224693160&ai=CXb9ONMi-ZKvFKauQiQbGoYV45OGQpHGNq5zyvBGv26K9wAEQASD7k6ktYPsByAEFqQJslCI5ls-kPqgDAcgDmwSqBI4CT9Cm6ed_-ZMMg8uuc9aGroUo9deJ6hudnbTSqUesWrAkTjtivkmZ6lcY0TyXnlmZRUvCQaoCqJe6Ro_qX5wqs3cM9U5_MwS5dbmkegWhlKgU9qCPvegGcSCfrsiPyuSjPCEETiKoWzn4mg_owor42-b7o--v3hoSTIVtJZcH3MlrmumK0O75M3s12BwZOPokBaTx-cXim3mjLe39uqxmxKbWOpo28Byq-ZMm6DaDK4F1xpMKtjLusQES6-h9iBwagiTiWrNgE59Za2VjJ0c7Tl1ISbHx6cW2NAsm_3NLdWy7MhHsoBOu0kukGd_eYAkXJ8x6D8Zfnk9e3eYDsmhwLiivvPNKZhiggCY21VfwwATdkt78qgTgBAOQBgGgBnaAB_WZm8IBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGwE6DoihTIE_jMoOMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A879 0
54 B 808ms
282ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lkh85414&c=8084704225868&slotId=4042352112934&qqid=CKuvl9OBqIADFStIwgodxlABDw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.en&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame A879 29 KB
17 KB 87ms
55ms XHR
text/xml 64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BtSt1H3Rd5CgoX9oUzuiQ6CkDMaNkv4rAeI9QgN5-9iozDYpDzjjvvrc9JSt5dTltDrnsZGDNQpMzqTWdlHU73v-yFqg&cry=1&dbm_d=AKAmf-BHJtjjoPK0HxhDpOcZrct91OaLLoxg3eQKyd8rJjsFyjO9gc5UKDP--ArgguVmKokk7C4K7LWRyqN-VuaTQGfF73Lxjft35gssU0yzvmcKLbAImW5LLKC4VDL17L_ox1bEbcf2hQI1P4wGOYVSaxjOrSkQRaxMP3pf4LQaccO9zO-JJ9YX2j7YQuxA0wCRDB8eVn9V8gxrXKkEtEaaapMPub3_ysDAWwLnhGLKJ3Mf9AOjGiuE8vykOTTKvuPE9S4kQoV_cKA4Vt2-eKVXkfRAtWh7RjCebu1eC8Nee76zWJVHGgRVbMEqq51kTZaL7XZH0POo7HyFDu0Pn2Q1TR8QkWW4nszPXsQxOQSPiL6hAsCgekvL4rWD4aOVSjlZCHU5yAeaFqhMHjJcaIxoxBGzeSeBRLbOAtD-06dLBU2L6hcXJkfxA4F0JahbCwh3p9Emr4j9cdS9B_0Qxa9Xeq2oeuieNlmZcMiDGiI2KZJ71BUw8ca3cl_1afw3Ijc6s50bRFbPqEcuvcH2EEGlZNJ2yDMlD_U5xO0agNn1qVAfbXt3JAkZrzLLbV_tUBSmUGPfWhSc7m7wM15OGNfBBfAgJ4iCxv2cfP7hDAzFH-TTeE9D1KOv529kX1FrruFymauO2b03ksBMC38WOgSGfMicXmQs_8g8I3ZAmFlo-yiQcXf8Cqs2NuDFnkNHUjUxEhfGziNOQryJeFIFUGsJa3OOdx8HCRU4KD_5vpY41de_il3RuITWhGKB3Zl1XNz3Ip7L8L7PEy8dZ6uRbfj_AFChqZUw2q0-axTbxAyXyHK9qyqO8wThoXWmrw3EcOQ3_qEEAzmgDoVXVnzPKaNclAw6QnIKkqjFhIGUcNoLInhR09ro8qVzpfv5SbPF2t8spD2DQYhrPA3MTkykhXEpw4BT7hh1wNMqVuw4o4MxJmK_6fG16WJxlUUph_3tWig1axhoIDYqShTm-if6Kxl6qKRfbZ6X5THO3eaUoqlt125Bjv98QGaiGBkqNSXR-XqgkXldWLYOFey80CS7Eb2z-fd5gT_6q7UJcyFD82yYwU0sCB2WHznAE6CbDfVPABoT_OyayNO_CL-4mSINJsPMTHfuCplLOhFJoaQZSEHasSs30tU_uXec20mnMT4yFPi0NOlAMhmDdX3CZrInH5YasAELTBvMD_ZgB9gzBzqOHmqyLTXzE8izWhz8NVf1SveiOvTp59qcnH4UAhNCzdwH5i0e98p6V21__cwToEzBqaru0sEwalK0UXi_0-OrSZGz8qoaLGXvHWQi57QO5pGvidp4UbwgJQG0AmHZ4CBav0UwD9B80hlgHU2YK9sJr_bcNCWZorJjsDWJvR9Ux65L0TfwCk_ynZZFz9N0cq9-vcASBISJvx5JWhELDZoemXa4w5-bRBeGBvqO_hQ3mpdkGzLPRHg46YjY0AncOnj5Tg3yq1DMiQBxaNkzENZ4Flhq4Q5QM7rz-urYX7auSxf2j54ltUEvuFz70SsGuyJTdtjBC7c_EaWNtIjq2zRIVAvZ8UJoUeGbLMIvswksg2XywgLpsn953AlhvPDQgmof8bpWhiSL5SgCkD77HYgcunwk_ju3EWNeLIn7QEiy6R6e20voeODc9z2vLaHFac0E7nqYQQTHAzGQUny6LrlhEAUebSrtxhF5jAChya589PHDzvoOegKmg5lVOub6e2Dat_ZKVkLazkD22dENZShK86lc6KQORDgtcKkw49lqqh-n0vGjPY5iSIp4N494RRgJUaWu2-CHB8VwgDSPAoLWNFhbtBnFg-F0oFJxo7nLXWRghu8E_lCr_8FFX4Jaz2R98qvYWFqkYPe7pFLlIhb627ixopmCteR1y_iv3rRzE_ZCS-a8hgN8eVhNdY6MADU5Ew2nj4zCbGNEWV8F9n-fpHOMowpwK4-ZParsLnS3C6O-PA6vEZaMW9BX0PNtU8zHkoqLp_hOzekKNdwZiNwzia9ivC7APOJ_NR-1HQtb8MyLpIAE4GtBoIkaUXwrW3LHbjAwxKR-z0UHCEpndoRZsy8LUw-ujNAwCgKt5TKg-sScA9C5B3BXjgtq0vTnhMqDM_IAYAxtGpDVeo0yhd5fjtIU7Pf0axv4YPIyGuP2NugpFuJl2hSDOlPLvsx7iF2fZSpvLohtw6OceFKCa5emrAxd4Br3Q4xq6ApVLZxySS2GbSH3wFdMvuLxzC0oq6NkssYM8oZ47_bFxTEak-R5Lsn7FkEUmFdVjSIuTKXM0TfMcXZsN4X-lc3_SjTlEKgyWUKiijJjf3gaZauuDcQF-SjH5zK1WPLKBTVeo0KCwIFOZllbCIybIOqKKUMlUv7Ry8ZsyZwxxC-3NU0RwXu-lZfJ9rUrkNSO16psmjWZL6h6RAYtOpaVisjoa9c3S_UTS1Jf3s09QGx6EKR29zpSETlFWP1N8BI18e4FllsWhNTM_8JOaac25tK-Rskbp963Hw3gjc-ubGGmTDkDo5yFpke2vWts5NbI8r8XPzqnx9AHkBBZnEKe_GkEAMMGD2lSwoG78Mkyl9MbNlWn_5PNbwzTYzfM8NiT04ppdCLmnan9JX00ku8jqRN_NdmKUIhI3SpArOkx1wFh7r7t_IMuOb3hk0puHXiZbHLNehis0t5hcPOaJiHZIs2TgF7QACA34ZDaDnM1gA2FEGkPObDAwaNVgYCNjfW-oFWaBZgtwrLPAKJayQo2cntzHyciJyZa119SoLd9INTMLpUdKqv2Lc5As9hRy4UWYQSTDbydMJE46PVLbGlZYcavRiTjCuR7mITstiaC3kr8VBgwMrgfhlX03Y5CuWg3MRvzgzX6-6qK6n0K8wcUWIO7OhYedAm7DxcLs-aau4Iuv-SFGRLnG0AFn_mdi1HjWHjt5KyicidMEOukOwwaHAC5lF-n5i_R8zNWWKysMfMibvuhlHs5HgJ1cln7mf2ACEcj85bJPSOI_JwefkRAfqFuM7OspGFoIxCzlX1rQtTbCPZzL4huQ388QWR3YZ9iCX20iPjB-rXsfn8Q_0XfvfCFe-zEvy0C1GAMlnFM_OR0opoxGr1UIKPZTx8vRGxJ3sZllj_hesaxt8OuMzPz4wtJE36Fu_l4vJ7_1OCnqK2vgLfmmuFdw7WFJKoLjdDSSLVaRCuN971dPMi1m16Cb2HN7tqj8XSuOHcsTBcZJRc7Mzt7ztIAoDUqmHiUCXIqHWYsxnWqKqjRJOtjpxJLF_A30u5WJ2CgTwcmlrJODCBj63Whh-W7xj80_-PE7YXXib5Cnfi25fTXwyKX_ls5OEy-HWP_uubHeJwLMx-frNvFZ4xHio-21ZLuVoY2EZ8VbUF9gmLvewii0K7swkc_ZBPBGTce5kYPfY7purh8UKXShdErJV_OfDgSXxD95-kVZTggGvQ2Y_59Vm4uidPLoLTDzHzinV_yNSHpTDJ8zU7Zj_owwcMAl9bTpKQSx5VZBObpmtEK3T8V5b8Fg3n4WM09lqlCoT4kfO45_5AicJixf-ff1GSRPErEMi_KGGQadm1-FsZDZxunlL9O1FtoF7OrNx-dvnLlk8iNEVHP3F_laqEhQUTiS3HDdfP1u9MSPpVkojzCVkyM_i1zAo3SoMR84_kUxaNdGESir9BObbzf9w4mho5gIhvKjLhi2kCW61AjykL7Bz0u9acNLPGd1-ivhTotrUKuIkuc_kEPaYU&cid=CAQSTABpAlJWfH_NjXD5CnpLrRhflUo8j8kyTFtihAK1tUVWrpPSQZ8ZfiwKws2N8kDWRHHFVLMAm-6Sll0jPwbXjyHDKFdJotIPwUuIDpEYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

cafe /

Resource Hash

086a1104f79ae370718dafc851e25373597af1f78c21f5909b9fc82c685baebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16639
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0477 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 368f84506cdd8ebd689a5845b589da5364c11cbe8411723ca597c2ee4d3a7e02

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A879 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9edf24c02c86d3819e20217af679682ffc0496a54fa782b13a7e2fc7ee4d1df8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0477 0
23 B 64ms
64ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckmy1NMi-ZOCAKpmniQa6qrHIC-ThkKRxjauc8rwRr9uivcABEAEg-5OpLWD7AcgBBakCbJQiOZbPpD6oAwGqBIsCT9AtqaOOkpYEYBQUbP6w6wdQYfLJ2CDjIJ3GoqhlLPrTKgryMY2V4Tin2MVAVMDrKLForIss8Ase1qYK1eS7xVR83b2q6yQ0fGvJ5aEwoQXKp9VRf_bAidsw-92Z78x2gA4Tig0BIixk_XpU5UyzmVgc4Wi4IvoXF8GRYpiVrtgCbsukhTjRuba5B2mgllZoA7NMSlKGRTkBtlq-bTJ9HgvL6n1fPisKqSVyQuCR7UzZBnha_QQQijtOipJJ2kR_rauI0oKS6ND3b8JSfWki7JgtwLGyyMd650yggu4oUZdyYitjbmaPYt_9PY0r3FFXMIox9iVv-FQdw4P40UDXUr4mL3BtwBL-LA46wATdkt78qgTgBAOIBdqd6NNLkgUGCBsQAxgDkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf1mZvCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJEJxyGLT27O4B0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbAToOiKFMgT-Myg4wPQEwDYEwqIFATYFAHQFQGAFwGyFxwKGggAEhRwdWItNDYxMzA1Njc0MzIxODkxMxgA6BcF&sigh=KrssSuLoGOo&uach_m=[UACH]&cid=CAQSTABpAlJWwTVEYCZks3MuXleLYqgENPjRYaoruhehuj28EuNlBabtCI-14G5caModRX7T4r7aM96tE-MU_n19isVbXylH_x7vscwvJfkYAQ&vt=10&cbvp=2&vis=1

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=8647477186&adk=2199126465&adf=3898532148&pi=t.ma~as.8647477186&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=1&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692326&bpp=1&bdt=343&idt=315&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=4477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=9EeeAjhGYF&p=https%3A//dudasbecasmec.net&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Jul 2023 18:51:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A879 0
23 B 63ms
63ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS8SmNMi-ZKvFKauQiQbGoYV45OGQpHGNq5zyvBGv26K9wAEQASD7k6ktYPsByAEFqQJslCI5ls-kPqgDAaoEiwJP0Kbp53_5kwyDy65z1oauhSj114nqG52dtNKpR6xasCROO2K-SZnqVxjRPJeeWZlFS8JBqgKol7pGj-pfnCqzdwz1Tn8zBLl1uaR6BaGUqBT2oI-96AZxIJ-uyI_K5KM8IQROIqhbOfiaD-jCivjb5vuj76_eGhJMhW0llwfcyWua6YrQ7vkzezXYHBk4-iQFpPH5xeKbeaMt7f26rGbEptY6mjbwHKr5kyboNoMrgXXGkwq2Mu6xARLr6H2IHBqCJOJas2ATn1lrZWN_RqG7ztoOIw1BIsW47GZd0Bblz_fw-IJi0hXcY60wxwKF-HnlB8gj6EdT_-WAdoIiRFw21jNDgMZ0itej6GDABN2S3vyqBOAEA4gF2p3o00uSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_WZm8IBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwkQvHgYtPbs7gHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBsBOg6IoUyBP4zKDjA9ATANgTCogUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NjEzMDU2NzQzMjE4OTEzGADoFwU&sigh=0OUx-DrjFOo&uach_m=[UACH]&cid=CAQSTABpAlJWfH_NjXD5CnpLrRhflUo8j8kyTFtihAK1tUVWrpPSQZ8ZfiwKws2N8kDWRHHFVLMAm-6Sll0jPwbXjyHDKFdJotIPwUuIDpEYAQ&vt=10&cbvp=2&vis=1

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4613056743218913&output=html&h=280&slotname=5935018788&adk=3741108514&adf=3025478643&pi=t.ma~as.5935018788&w=680&fwrn=4&fwrnh=100&lmt=1690224692&rafmt=3&format=680x280&url=https%3A%2F%2Fdudasbecasmec.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690224692325&bpp=1&bdt=342&idt=309&shv=r20230719&mjsv=m202307190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da0da629ce67268ea-22164d65e4e200c1%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q&gpic=UID%3D00000d127d66684e%3AT%3D1690224692%3ART%3D1690224692%3AS%3DALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ&prev_fmts=0x0%2C680x280%2C680x280%2C680x280%2C680x280&nras=1&correlator=7560411078779&frm=20&pv=1&ga_vid=143539153.1690224693&ga_sid=1690224693&ga_hid=587937679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=3311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075952%2C31076088%2C31076343%2C44788441%2C44797800&oid=2&pvsid=315620071843617&tmod=2000669553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=TpZrgUYl09&p=https%3A//dudasbecasmec.net&dtd=312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Jul 2023 18:51:33 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A879 0
45 B 711ms
281ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lkh85419&c=8084704225868&slotId=4042352112934&qqid=CKuvl9OBqIADFStIwgodxlABDw&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame A879 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 04:59:33 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A879
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

131ms
23ms

Fetch
video/mp4

2a00:1450:401f:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/261D508197F055F7747BC7A12E15892A78D7EDC7.71066518C57BFA361D5053F261A4D15FA37BB4EB/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

HTTP/1.1

Server

2a00:1450:401f:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 18:51:33 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1677787
Last-Modified: Thu, 22 Jun 2023 23:13:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 24 Jul 2023 18:51:33 GMT

Redirect headers

date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/261D508197F055F7747BC7A12E15892A78D7EDC7.71066518C57BFA361D5053F261A4D15FA37BB4EB/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0477 0
45 B 694ms
280ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lkh8540n&c=4568682928936&slotId=2284341464468&qqid=CODql9OBqIADFZlTwgodOlUMuQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0477 41 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 04:59:33 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

131ms
24ms

Fetch
video/mp4

2a00:1450:401f:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13190349142A5548D3FB5766C2379A53B3CB271B.5CED959D1E3452BE70E887192860301E5EC6FB3F/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

HTTP/1.1

Server

2a00:1450:401f:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 18:51:33 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1677787
Last-Modified: Thu, 22 Jun 2023 23:13:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 24 Jul 2023 18:51:33 GMT

Redirect headers

date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13190349142A5548D3FB5766C2379A53B3CB271B.5CED959D1E3452BE70E887192860301E5EC6FB3F/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C4B 23 KB
8 KB 28ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 43805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 06:41:28 GMT
expires: Tue, 23 Jul 2024 06:41:28 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame CFB3 23 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 43805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 06:41:28 GMT
expires: Tue, 23 Jul 2024 06:41:28 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C4B 38 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 06:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Jul 2024 06:53:03 GMT

GET
H3 200 0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js Show response
pagead2.googlesyndication.com/bg/ Frame CFB3 38 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 06:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Jul 2024 06:53:03 GMT

GET
H3 206 file.mp4
r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A879 2 MB
2 MB 52ms
26ms Media
video/mp4 2a00:1450:401f:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401f:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

51225e3760f3e57120acb6eafc40d832fe0ef0b62d807efa499e77c90a502690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 24 Jul 2023 18:51:33 GMT
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1677786/1677787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1677787
last-modified: Thu, 22 Jun 2023 23:13:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0477 2 MB
2 MB 52ms
27ms Media
video/mp4 2a00:1450:401f:6::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigzrn76.c.2mdn.net/videoplayback/id/f8b2d476f1c2d39e/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721760693/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13190349142A5548D3FB5766C2379A53B3CB271B.5CED959D1E3452BE70E887192860301E5EC6FB3F/key/cms1/cms_redirect/yes/mh/vI/mip/2001:41d0:8:d154::7/mm/42/mn/sn-aigzrn76/ms/onc/mt/1690223367/mv/u/mvi/4/pl/52/file/file.mp4

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401f:6::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

51225e3760f3e57120acb6eafc40d832fe0ef0b62d807efa499e77c90a502690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 24 Jul 2023 18:51:33 GMT
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1677786/1677787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1677787
last-modified: Thu, 22 Jun 2023 23:13:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CFB3 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BVHnoNci-ZLyVDbf1kdUPqv6MmA0AAAAAOAHgBAI&bg=!u7iluOzNAAZsPphkTD47ADkAdvg8WhefnkoxHOQeW7N7W5J4h0LtN7KA551J-3gM4aCXD9VXcOzCJ-7btCeFAskBMz3QRvSMWj0CAAAAflIAAAAIaAEHmQMo6bExb74Gaqu6R1b8DsQgJBISSBpR9F3EscWPvBiTmRwW27bYXjDqpHq-K0iRLLJ4Ja8wWa05AiNTpDGVS6k-d-1mEBPtTOUj8VS0KHbpVyxVfLXP6M5ZueMLqsMc7qnTL2ejd7SZGXIohU2gInObkvO68YNwAhsDhTZjlEQe_KydgTRat9o-mw_S5S3J6rNKr7EB_jGLcG2fVe4MXXeDXVG-L7osN6nt9xATbENbaMMidDSQAhpTFb8tzwmc-a6xPVAWYeoFlW3lHKJPuzggfP85qkx7rOK4ZLUXBcTFnJFJH0D-kdnyLx8lN2dQ0oJH-bB2TGAWPYWHaSrY-D23BXwJw8tTTaJK7Hh9O0sBw4RZwvEsYBmD0zIeKIjdNw8WOvAe1SydamPvhxcPUTJ_4Pdt2A7FheaF6obWLrgC0R9b0R_eQ8tz_hjUEk4UaLMDs8B-_F9GOU2PwX6ljzqyVX4vemrc-JhoiDpHvY17gnRa6bfGzDNtcTrxTgBqGV57KFZN5Zm2k60Cb3ke2aE9wfvyNSrr5bRidjTmQ4W93p948GF-xZpn_N4Mx_cpv8FCN-11VrXMqzf6fQV3HY-1IS6bnKrlkKfEx21BDck19q5DVA6TLpHWF0o8eH9owmW5JsEampDowrgCbXaN4sh5aeZagF2mt2GUz19vdHqEdUuRuoqCr_eKr9_Gx-IfpQxXAOTmsdPYuNhb9Q5AGJTQOaYGofswRfB7QIX1cofDxOc0Bayzlina-9z5SQ8INrgSsDlDGbqpiQCB0e3bz3Sk4yYT30a9SFnS12opy0TPvB0bz_tgo9SXjhhRW1c5O-ny1j-wglUlksKc-tkK2F5l4dILl32hT1f9AFc3Xm0lHvI7gu3jshzBkAIkAy3lHAdK0gEahduap2cecMmEKz-SdMVnhdAsv3dPM3H8XkELDLtInKnIjFWdnwtF09hbGEZ_5CKNwXVCAt0jzFbrdi5RBjGkgSPHHRHAgWFOicdwN2UK138BWad61SyNF0iSANBCO6ix_74doS_0tdYX-1RJXdDdK410DPwMUSO_MWUOdOLx-DKz_20uVA

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C4B 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BmF4uNci-ZMaIDfqlhcIPtYma8AsAAAAAOAHgBAI&bg=!SkmlSR3NAAZsPphkTD47ADkAdvg8WodTaLbvYnyLHXxEuJbl-z0-UzRocsO9B0W6qn_fZJc_v1qrAC0jqGT6J9WAg1HV9g7TCoACAAAAmVIAAAAIaAEHmQMBi13-JyB-qhxJYZsU6zy65EpW_0F0bQQ9ihDEDV8xRxZPJiIsNWJ42Z_wPugYwM3sI_AWHHp2b2V9wBgJh7yEnYyuq_j0Vr77Djb9Jk3GO2feZSqGljtUuigoTwuHSGBC5ZVs6xtN-cLZAgEN4xYXug6ndeSHQBF8HkHcboQ_j2WQ7lpH_Sg5IWTOGZMHefBBS2aWBZHiKEOHoynLFFY8sn_YvvWI15m9gDfeHgP9C1f-Z7NyzxIpZAnX978hiRINjloqSGaod_osoh9lm9_LLMwv0PROwZLQ8OfWHheoFBwgPMIq64FZjgQs8lyz-2hSVdMey_ewjBu6lOpGvZpkf87KSa8vK88uYlnBwA0DTnI_xC_5bh3KVKONaeikgtNm0ZZ_To0tmjfjojc6Y--cr-oAVuTNTKzGeMYarXr0DLU0--26jImgTCoOeS-dnVRjHJ7WIjqITAP5a_Q776t19HAxMBZoO7YO7y359lFXpccfqF7g5crHZlL4WNmoUjDsDFuFraXdGqOCo47_SAROgOKQlS3bzeA0gXV4BjUXfsCx1hUBKJ3bbYNh1eb-uWKYxt5D-fJIo0uWiNPJzH10aBSrIqOepqpzqZVVm8zpKEqDyJWPe2Frk-Wc5Fo1u-rJC-2ej7NkrsblkQtHrixuty3uBlFhMT5ii5T5GRu4UbQBXxZOiDNy5UjfUO17poEgYq2CgJNuR6i_YXMpLKUATu2HvaLdRyrOlJe8oRp9qtKu89DO1bF2U_wsH3POUUKzXQDa5ELRW_1NGlYFQtTYBwAca7k1CC2zATR7Elp5rYvfdfAZK-r5AX4HROvROOGX0kZHqbVYVYng4SQlG6Hg-4EFGfPoHXu7gtkO65p1bEqPLGykAIvkAaNXA9CaNbwXECMms8rYj0y309uP7wKkGwliUCXgravy-xgmQFwKNYA6yPWeXjt6R9VQ8zrKbN4SV1hN3rSEnejg53646MGUf_i6bxgFtIh_Xw2d5OLcG3WWmt9wTDxaPtS_yYsqNy5F-Q

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0477 0
54 B 280ms
279ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lkh8544d&c=4568682928936&slotId=2284341464468&qqid=CODql9OBqIADFZlTwgodOlUMuQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=696&mt=video%2Fmp4&vs=720x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.hl~vil.s3~vfl.xu&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A879 0
54 B 279ms
279ms Ping
image/gif 2404:6800:4008:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lkh8543x&c=8084704225868&slotId=4042352112934&qqid=CKuvl9OBqIADFStIwgodxlABDw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=696&mt=video%2Fmp4&vs=720x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.he~vil.sm~vfl.y2&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c00::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 18:51:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/ 154 KB
52 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38c5815f1361a81c7a062d9aaf5b219be069c34862be903f7ccca78de2a89b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53543
x-xss-protection: 0
server: cafe
etag: 15134335908227750898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 18:51:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 3D76 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 17085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 14:06:49 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 14:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 3D76 4 KB
671 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 18:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 18:22:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 18:51:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D76 205 B
650 B 84ms
25ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 19:00:48 GMT
x-content-type-options: nosniff
age: 85846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 Jul 2024 19:00:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D76 604 B
695 B 84ms
26ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:09:15 GMT
x-content-type-options: nosniff
age: 20539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jul 2024 13:09:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 3D76 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8607
x-xss-protection: 0
server: cafe
etag: 1206383197409669553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 17:54:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame AA78 2 KB
892 B 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame AA78 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B657 143 B
166 B 26ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame AA78 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:05:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame AA78 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA78 179 KB
57 KB 146ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jul 2023 18:51:34 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame AA78 33 KB
14 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B657
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
39ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:34 GMT
expires: Mon, 24 Jul 2023 18:51:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 123ms
72ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04becfea39bdfd5efc0b35d9d61a2dd35822251699547b8e0891fa8f8d5ac4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11825
x-xss-protection: 0

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame 1700 38 KB
15 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: dudasbecasmec.net
URL: https://dudasbecasmec.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 09:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 09:12:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 18:51:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7BE 13 KB
5 KB 28ms
27ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:34:17 GMT
expires: Tue, 23 Jul 2024 18:34:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B4AE 783 B
966 B 45ms
43ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26552fd01ba603c55c29953c37fcd2f24f0cfdd655042e86585b849b1266e5af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cAiLyl4Lt2FUtNDws9xVpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dudasbecasmec.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-cAiLyl4Lt2FUtNDws9xVpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 18:51:35 GMT
expires: Mon, 24 Jul 2023 18:51:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame C7BE 38 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 09:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 09:12:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B4AE 0
0 89ms
89ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=315620071843617&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C7BE 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7pznuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 18:51:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=315620071843617&bg=!U1ClUATNAAZsPphkTD47ADkAdvg8WlOUEOtVNVZm2KqFXauXmPjzcKDJHn07xpTuEVxCc7M86m-StoUgj3FKfB9Ik_2F5lA-xjoCAAAAUVIAAAAGaAEHmQLtRs6DKSb26L_SpbGhDGysjPczmFLTvIuGL6TLatdF5rd8vvdbaLuU8MIhAuK8fJbMOB3igLHzaVdrrx2Ri6raE79XI7WM9rYbSes49efXKLn-1bQ5PLuPZWv2KDQid4LQc6IKUP5D5-Uf_2-olndkV3m17g5tUn0m0VeqBF8cn2ff1X06fTvcOV-LvrtNfxIh67WFv3leDFEcg5Z5m_l6-tePON57ILFe_R63cT4XpCCD8v0e02-JobH4128F449ymROpFEkK3ZMFFQoeFakuhm3K_J8Ou0kvH0fNHty_stU1eiBYvv0s21TP276ud6zhZgcjSQVPf8x0roCDKFvkWDVQSiRU3mJZ_L7qFObbE1-XExkANKFHY6NwDp30vhHugfXtlu68Kca4Mn_JoFuqF68gnsgEfvQJQlL9DlEvdoo0isy10p0a948xEAg2rRs86OeSFwwvwwiL_9adGk-fM6cXhiqjigHWUI35cyUCVHh9hWdkhEky-ivgHOW9eYuJNCGSxk648AqXCHG-jiuEUVXkV6E7nSnYx9ILn1B9Lfs_3cb7x63Gzsz3WMNc2QXALoS1233JQcMgBcbdHnmNHKysEIIoY2ZNkzKdxPgmDc2_n_2we597qjwrI13uR19p8KhMgkpBDi3s0fSm4Zuzkt8uS8h3zMvuv1M_sHejFrc3QQERfnG1V0TgKigseIwMAtwz54C-WIMo_fmS7JZhfm7fmKUsXzuI_N-_L8oW5TwVEZnqCUhr4I5W_Vr09aIpDmGlDQOL59ys_hEioZpkXQ35OjCJKcfA7SdwdKyDAPlYzbKWZj0tZ9nuZZPZ7-rkhLqXrHCFFdlJ-3qQlR_5cpdaXPiuGyk9OVNHSU4gZa9gEvNk0lIxbeCj0IH0vBQHyHWpxIE8dgGxqNZvk1f_PK6MALQeBU2zTN6SWb68Iucu0Ykpof-ZoqgPKrcKK4_fzR35Lt5hxTNUvw8Ci70BEGbdBTaKeUNSO3teF8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dudasbecasmec.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dudasbecasmec.net/	1970-01-20 22:52:00	Name: __gads Value: ID=a0da629ce67268ea-22164d65e4e200c1:T=1690224692:RT=1690224692:S=ALNI_MZbsv1oX_L2Bo1agIww44Gu633Z2Q
.dudasbecasmec.net/	1970-01-20 22:52:00	Name: __gpi Value: UID=00000d127d66684e:T=1690224692:RT=1690224692:S=ALNI_MZ8v1HqsRk_E-G7LTDEWQs462j-vQ
.doubleclick.net/	1970-01-20 17:49:36	Name: APC Value: Aa3gxNrTtyibCMWqWanvctgWxuEvbhw3m9Vw7xWVRK59Iez2grTURg
.doubleclick.net/	1970-01-20 22:52:00	Name: IDE Value: AHWqTUkxbIlcU82qdz-TMgdbWGxyVZGusNUf9L3BjydDTFqOsIi4iZiLW_DtVeNgVFY
.doubleclick.net/	1970-01-20 13:30:25	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 13:30:28	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
csi.gstatic.com
dudasbecasmec.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-aigzrn76.c.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
2404:6800:4008:c00::5e
2a00:1450:4001:803::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2002
2a00:1450:401f:6::9
51.254.44.144
64.233.184.157
009b26ec1ddcf513dc03e2137356d0104f75d9d7f0f5aa1a470d948885c05f95
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
04becfea39bdfd5efc0b35d9d61a2dd35822251699547b8e0891fa8f8d5ac4e8
067cd0c0a2fb243e9f0e9a507c062d7f92892ffd6b6e902efef05d07148ec055
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
086a1104f79ae370718dafc851e25373597af1f78c21f5909b9fc82c685baebf
0be6b3c2792267329eb60a1647f57e623ab2367005ca1236515a9614ee2cecb0
0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac
144a5317c57fbfa1b8ab0279f3a4472b62e4fcb2c8db14250dcb0ef729422aec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
21ee22171895c6a78934017d624d8729e1a1641a71fc76caa34083b202ff3f74
26552fd01ba603c55c29953c37fcd2f24f0cfdd655042e86585b849b1266e5af
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3036d99c28f30426dc380fad78d058d3f07add392c86ed4a7ded87f5d6a2749a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336e034338576edb2e49f967559810740f82de3003bf124f5c490451cd415d32
368f84506cdd8ebd689a5845b589da5364c11cbe8411723ca597c2ee4d3a7e02
38c5815f1361a81c7a062d9aaf5b219be069c34862be903f7ccca78de2a89b34
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
4c81cf615e28eb50e455099fb1ab62210877d4fad703ead9d0f05b0bf2be44eb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51225e3760f3e57120acb6eafc40d832fe0ef0b62d807efa499e77c90a502690
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571156b6ccfa7700d23d49129bb2c1a2a328ddd4b3a01ff14f646b0d94f5e7aa
58ac5cd71e7cc587b01bd9c3044e29d633286e082f20d63391b6d33505df6ca9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61411205b331a61449d5cdd88c4ce42581c9cf5720cae727145e5564528fdd46
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477
74ca31818d9864138e6877765db5fec0cfced55df507025c113e34142c2178b0
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7bad84a1cd727986dfcb22426d0b4d3889f727d52e9351c8bbcf94a71fb67f73
7d25d1dd722ef5401134e25d1d8dbe1dfd0d418c135d6602573cf1deff32bf5b
7e382572afe26191e47c32a55fe7c19685c3fd6e7c9c8a7898360c00c32f96ab
7f82c1b6643d032c38319a1098bb41c138e6de7e138b7eaff9aa73d9ab9f6ed5
80d96f20d9bd725cc314b80c9966cad13d32c6664abf3eea1a9f86842b7d5e5b
8165504ba0b5c682d0afcf77fdf53cff4ff004b8500d8ef327a85c899c115a5f
81c587dca31a026a61fd2b42b8e43d02baea731f281a7faabd987c8306b2dd35
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9878829abe8f9e3995c84c30b61ef664b69565a10515cae45461110721b62719
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9c930d4d90c868ceaed45ceeae7207389fde3f55071558f51a3aa3db46cc610f
9edf24c02c86d3819e20217af679682ffc0496a54fa782b13a7e2fc7ee4d1df8
abba89ff1fb0b07e06927acf2971032412ad34eb9db7988c8d43ac03f8d31983
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b09f4dceb06ef851d872beee0448884a640da11d624bfed3c02e695bec415729
c175cfa9d59788aee3a8875516876e19adf6415929216c2dd0dc2d492fdb0c46
cb57c092ec92360acfd79752bd43a42d2ef0f1663388c8fe005b9e2ad8ffea5b
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
d6224471e9fd5710e95059dc11c4faa453bac9893d260fd20c255dedd452bdea
d87aef3917a53cc602c6ce9acc1689836c84fb9fe3aa9b6033f6fe6f5ad183f6
d8b4606d9a74ced5729bc14061d47021c7ba2ed69d813100f41d4f19c6acaa61
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2b35f4f89b2af4cd305612acdcf1c63644583c10f78a8842a316f84b8b99e8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

dudasbecasmec.net Open in urlscan Pro 51.254.44.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

86 %IPv6

9 Domains

15 Subdomains

14 IPs

5 Countries

4667 kBTransfer

6758 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dudasbecasmec.net Open in urlscan Pro
51.254.44.144 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

86 %
IPv6

9
Domains

15
Subdomains

14
IPs

5
Countries

4667 kB
Transfer

6758 kB
Size

6
Cookies

106 HTTP transactions
2 data transactions