ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngembassy.org/
Effective URL:
https://ngembassy.info/
Submission: On January 02 via api (January 2nd 2023, 12:08:32 pm UTC) from FR — Scanned from FR

Summary HTTP 183 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 28 domains to perform 183 HTTP transactions. The main IP is 103.72.77.63, located in United States and belongs to A2HOSTING, US. The main domain is ngembassy.info.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.

This is the only time ngembassy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	103.72.77.63 103.72.77.63	55293 (A2HOSTING) (A2HOSTING)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 3	3.65.71.95 3.65.71.95	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:db2f:b9cd:e64:dd58	16509 (AMAZON-02) (AMAZON-02)
1	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2 2	18.193.21.241 18.193.21.241	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
2	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
2	23.67.134.223 23.67.134.223	16625 (AKAMAI-AS) (AKAMAI-AS)
183	26

27 103.72.77.63 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: m.server48.com

ngembassy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ngembassy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Cantonment, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.65.71.95 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-71-95.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:db2f:b9cd:e64:dd58 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.237 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.21.241 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-21-241.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.131.136.1 (France) 2 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

vcb.happ-e.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.67.134.223 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	472 KB
34	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	166 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28784 ad4m.at — Cisco Umbrella Rank: 9270 assets.ad4m.at — Cisco Umbrella Rank: 40645	945 KB
26	ngembassy.info ngembassy.info	263 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	127 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	327 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	1 KB
4	metaffiliation.com 2 redirects action.metaffiliation.com — Cisco Umbrella Rank: 109483 img.metaffiliation.com — Cisco Umbrella Rank: 66654	270 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393 static-de.ad4mat.net — Cisco Umbrella Rank: 155945	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 871	2 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16669	1 KB
2	happ-e.fr vcb.happ-e.fr — Cisco Umbrella Rank: 836565	4 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 497	963 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3351	792 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35086	630 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	1 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 17421	957 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 679	864 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1147	471 B
1	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 6509	125 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723	717 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	698 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	346 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	76 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 45650	161 KB
1	ngembassy.org 1 redirects ngembassy.org	278 B
183	28

	Domain	Requested by
32	tpc.googlesyndication.com	googleads.g.doubleclick.net ngembassy.info pagead2.googlesyndication.com tpc.googlesyndication.com
26	ngembassy.info	ngembassy.info
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ngembassy.info
17	pagead2.googlesyndication.com	ngembassy.info pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	googleads.g.doubleclick.net
12	assets.ad4m.at	as.ad4m.at
9	www.gstatic.com	googleads.g.doubleclick.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
7	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	x.bidswitch.net	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
2	www.awin1.com	as.ad4m.at
2	img.metaffiliation.com	as.ad4m.at
2	action.metaffiliation.com	2 redirects
2	vcb.happ-e.fr	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	um.simpli.fi	2 redirects
2	prod-rtb.ad4mat.net	ngembassy.info
2	adservice.google.fr	pagead2.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	ad.turn.com	1 redirects
1	d5p.de17a.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ngembassy.info
1	cdn.ckeditor.com	ngembassy.info
1	ngembassy.org	1 redirects
183	36

This site contains links to these domains. Also see Links.

Domain
ngspan.com

Subject Issuer	Validity	Valid
ngembassy.info R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
vcb.happ-e.fr Gandi Standard SSL CA 2	`2022-02-08` - `2023-02-23`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://ngembassy.info/
Frame ID: 6E9355019537EDD4D1019C355F4E3335
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: ACD151B0B39DD22561D6A5FC42D6BF9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1672661307&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661307270&bpp=10&bdt=747&idt=195&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6261394787486&frm=20&pv=2&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: 1791C9EDDF35CF5A6D2B603662629352
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672661307&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661307280&bpp=3&bdt=757&idt=211&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HPNGUhGGIM&p=https%3A//ngembassy.info&dtd=214
Frame ID: 565D5A29C79DDEFB87C1ABC4FD7C78F8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.2431322315~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=u8kcxIajrv&p=https%3A//ngembassy.info&dtd=18
Frame ID: A34EB89628B4D4F6F26DAF8D92EB90C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=1776016447&pi=t.aa~a.165272966~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jkrnHkRzPN&p=https%3A//ngembassy.info&dtd=22
Frame ID: 2C7155A3E13236F60E2CDC9709894075
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26
Frame ID: 09EECC7F63D911988CE541073B2A8D30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: DFB637B15A75EDEEE35A747028B7D902
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 267252C9A56132172B98713D0D91411E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 26EBB1487F45723AD44D36889B08A6B8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: C6212CAD9301766190759A56FCE6545A
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D517E6987CCB480EB8F1B518CA07F609
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 496E1C73B05ECCDBB9681F864AE2FC17
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A6FE9BEAD4799606D5064C0CDFEC206
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CVi8XPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwAFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrXTE5z2nOywNifhm0XHdQFww9CFn3h4Wpg8bOiXH1q20BEo7vkHGABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=rvMHZth3PdE&uach_m=[UACH]&cid=CAQSOwDq26N9ZHbu3M-MzDI9ZkwutnzUtf5uX7Q5BQxOv1aoVfnT0r_FEkOWwuViahlt_KMCyva7_jORgZWmGAEgEw
Frame ID: ADDB01587311C8301AD37C4EC5C1AA6D
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gd43vbsfa0rjm9ty8az96xf1ggdnxbh46etkrx4gagqzptaar0nt2cy1vnh2dt28w4smxcjx43dzwsdbs2p822mtvz132gj6p4j36j573vbg4dh81n8vyw1r59hc7q26zfgectythj2yr3ngvesfxdhmpffm0m0hegrmcyf01g791gyr61sh3zcxdzqt3bpvv1qm27pa33a3gad8vqthmbdj19cygcrhjdbph1dk54krq1zc7af8atfxqyz0rnmj59xd57t790r5dpscdzm14aetrmhk9frrzdehb9121hch6g8xkhtntmwwp497vakcrb2axa4qzqbks4jhsmvr6rcm8saqenrdz189hdcnjr5jcw7fep3nndacp6jg5kxkp85qn03gj01dprxf4kaxgfsqbpc24j7r2ek2ebk2hs82xcv0c5ch1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: 47864E6403D6A2DB7EB076C9F8818752
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2F5F2DB323AA0B76AA6831F14B456A6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: C6BF4204D44F876415ADA4CBC97D292C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kmwh69ynhpbrd7h29bacswvmy78qe9ejnbnvb0cvzzc3vrwz29d47apnj29qbtm2kmzbnr5hhah5rjej372t2zjwgshyj9880gy4ckrwpxt9gem77xgzx2hj11ae21rvxa8hakg6xvcd4vpzr54ktsgjsj1h1f1dbcdmq9qvgb00h7fa4r361yt2hct7ppx6ra0h4cy49ndjxst2vd3ck1gms20s7qg0atxafgf5cr6yn99p3f75scr76x1k8jd0rgcf6xfbyz80mgtq3hx884yga6ck7gpfv8pjqbk7gv3rjmcwjkakqakennw6cjgxqk75n6py316f4t5e4px10m7xww65fr43fss9aapjavr0xqtcj65g44zza310v3309chcw9w80d58scdhmsebgc8cdaxssrhys82a1bgzfpkeftcsgbbxg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: 8B367051D1943E6E0578A3E3873005FD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Frame ID: 2FA46FDA87E2FCF193C351659BBC8F01
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F791A6C47E750A647AD69C2DBB3AF821
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: D60E65DD3FF8B30AF6DCDE87D20CC49F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 10094555E2AD54F403094D38BA9160B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: D6E239BDB38752EFD21780F0C60A0540
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5A7377E4D56C12FB27A85434FF2BB6C5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DF62DC2B25A66EB97322FA0762770065
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: 1993AF67E57268D7BA76E067BD54CE38
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: 4C888A95A413D46A85294C3A0DEC2C15
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 775D7CA0119C88AD295703BBE13A60C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A473BC4B8E048D9F076439399D16C5AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ngEmbassy : Integrated Information Portal

Page URL History Show full URLs

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

183
Requests

92 %
HTTPS

58 %
IPv6

28
Domains

36
Subdomains

26
IPs

8
Countries

2822 kB
Transfer

6499 kB
Size

34
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ngspan.com/
Title: cookie script

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://um.simpli.fi/gp_match?google_gid=CAESEKMcdft33HjjhENH96XNvGo&google_cver=1&google_push=AavPq0P17F17IzdmiyCWdpinBB-RfTU2GXNzROd3TzdCOvzfCU-41hZ0aJrAS06Z9YjAY14LwjgT_ReUsMnY3rA7FRPeX_1L_lbxF1qJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0P17F17IzdmiyCWdpinBB-RfTU2GXNzROd3TzdCOvzfCU-41hZ0aJrAS06Z9YjAY14LwjgT_ReUsMnY3rA7FRPeX_1L_lbxF1qJ

Request Chain 108

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGHtUjz52MJBBHWi6wUF5ak&google_cver=1&google_push=AavPq0MIj24sswpziWMmmr8rVgf6b3x_juNNFj93DfA569ezjH-O6p8rfaSziyP527LEbW7Jptz7HcQ4tQHi0ahuriNgTB_5JyvXAeaq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0MIj24sswpziWMmmr8rVgf6b3x_juNNFj93DfA569ezjH-O6p8rfaSziyP527LEbW7Jptz7HcQ4tQHi0ahuriNgTB_5JyvXAeaq&google_hm=pAEX_AoaQgO3BlK2Euk457M

Request Chain 109

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDuBfZ89zDH-b10E6ix2vf8&google_cver=1&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDuBfZ89zDH-b10E6ix2vf8&google_cver=1&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW&google_hm=fLPxhWmSQfSTrbAosLY0Bg==

Request Chain 110

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG9Zl-4cwE3O-VzCNrfinn4&google_cver=1&google_push=AavPq0Ob4apRKlc1jTwEoeV4dZxcTLzGwT_90fQ4MXDOZQoYUZ76ZY4gXiWplQD_1UBlrJufICpkwBvDF6wNNIV1040qUISyJ2-AGK2d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Ob4apRKlc1jTwEoeV4dZxcTLzGwT_90fQ4MXDOZQoYUZ76ZY4gXiWplQD_1UBlrJufICpkwBvDF6wNNIV1040qUISyJ2-AGK2d&google_hm=eS01aXRvSzNkRTJwRXBWV2VQdzRRcTBPMTVFQ1FrdXpGSH5B

Request Chain 112

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFYE4wgDCNaxhqXc7uc3SQY&google_cver=1&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-oUy-d7sXEPmi5VBFINXy4uQj9 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFYE4wgDCNaxhqXc7uc3SQY&google_cver=1&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-oUy-d7sXEPmi5VBFINXy4uQj9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-oUy-d7sXEPmi5VBFINXy4uQj9

Request Chain 113

https://match.360yield.com/match/ebda?google_gid=CAESEBgigzzR6CeivD3IIjnUUC4&google_cver=1&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcUOwcuD_eil2696F0_ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBgigzzR6CeivD3IIjnUUC4&google_cver=1&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcUOwcuD_eil2696F0_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Lr_ByhKzSaKtGgdUoZ5SPw&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcUOwcuD_eil2696F0_

Request Chain 136

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKaZVkjK3Z_H3_S83dX1yr8&google_cver=1&google_push=AavPq0NHtVct--D6_XI9P4DUK9IPbZL0QBKSrp2YpV9fZA9Fzhw-nNSyBISzAlwFEoFvY7aOcMwZSe7VZQ7LE9ZmhXOSMKvBXCzPlbo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzczNjA2MTUzMjc2MjAwMjMzNA==&gdpr=&gdpr_consent=

Request Chain 137

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJha09NIKlCoS5QmRr1fUNk&google_cver=1&google_push=AavPq0OKczNEQe_bGaFMNsCUTZrKUNMTIXxjpmYgFbPBT6UjB4FkEY8wRlCx9OYuFG9Uu7k4h0RGpUA63phozBlLWWTaG2xHRNTEpsk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OKczNEQe_bGaFMNsCUTZrKUNMTIXxjpmYgFbPBT6UjB4FkEY8wRlCx9OYuFG9Uu7k4h0RGpUA63phozBlLWWTaG2xHRNTEpsk

Request Chain 138

https://um.simpli.fi/gp_match?google_gid=CAESEFy--NagN-oLosJO_kJC4dI&google_cver=1&google_push=AavPq0MxZg4wH3BVh78Fpu3l1PZ1jJuXdugFK_-kAIkQvJBQald2lEMQ1Wu5Ps0i8STMSWLqgOs5TcmApcY8y0tpNEARxhGAYmazSAI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0MxZg4wH3BVh78Fpu3l1PZ1jJuXdugFK_-kAIkQvJBQald2lEMQ1Wu5Ps0i8STMSWLqgOs5TcmApcY8y0tpNEARxhGAYmazSAI

Request Chain 139

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELBGj2hwcaRQGMU5ejgXcL4&google_cver=1&google_push=AavPq0PLgfPYMkzCf4aLXEu0A8GLy570LuPHt7XzHMiMc1R2IIc5aOrkJY8Ku4eXS6HK_65MAHNzetqibuS__opUoMoeVmJU247nwqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PLgfPYMkzCf4aLXEu0A8GLy570LuPHt7XzHMiMc1R2IIc5aOrkJY8Ku4eXS6HK_65MAHNzetqibuS__opUoMoeVmJU247nwqw&google_hm=pAEX_AoaQgO3BlK2Euk457M

Request Chain 141

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEItkQkVlciXy70CDKS0FfJw&google_cver=1&google_push=AavPq0MGEmds-J-6uqbnSmK8v4dDSN5aiY6FMBBlDF3Wn3A4a2fV92_4vyOkNf-FFb9Emg0MzEgoGZgyLibQLh__q5l4nuso7Kjr_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0MGEmds-J-6uqbnSmK8v4dDSN5aiY6FMBBlDF3Wn3A4a2fV92_4vyOkNf-FFb9Emg0MzEgoGZgyLibQLh__q5l4nuso7Kjr_g

Request Chain 142

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDaVmvpwIxj3DEi8PfzEJow&google_cver=1&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRiVhAg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRiVhAg&google_gid=CAESEDaVmvpwIxj3DEi8PfzEJow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTQ2OTcyNjU1ODg5NjM3NDc0Nw%3D%3D&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRiVhAg

Request Chain 166

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 176

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

183 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ngembassy.info/
Redirect Chain

http://ngembassy.org/
https://ngembassy.info/

38 KB
8 KB

1227ms
285ms

Document
text/html

103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f5b99fb975f3655304e39254689196e244b82875905561845fa8aa7fbd9e9ca2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7759
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Jan 2023 12:08:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 02 Jan 2023 12:08:25 GMT
Keep-Alive: timeout=5, max=100
Location: https://ngembassy.info/
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK bootstrap.min.css
ngembassy.info/themes/default/assets/bootstrap/css/ 115 KB
19 KB 114ms
113ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 03:38:06 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1caa7-5c4d9d18a4380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19287

GET
H/1.1 200
OK font-awesome.css
ngembassy.info/themes/default/assets/font-awesome/css/ 32 KB
7 KB 113ms
111ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "7e3e-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6423

GET
H/1.1 200
OK select2.min.css
ngembassy.info/themes/default/assets/plugins/select2/ 15 KB
2 KB 222ms
107ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3a3d-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1920

GET
H/1.1 200
OK _all-skins.min.css
ngembassy.info/themes/default/assets/dist/css/skins/ 41 KB
4 KB 323ms
108ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/skins/_all-skins.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "a554-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3301

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.5.2/full/ 542 KB
161 KB 199ms
45ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.5.2/full/ckeditor.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:26 GMT
x-cf-tsc: 1672387324
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 604800.000
content-encoding: gzip
x-cf1: 28810:fD.waw1:co:1663772073:cacheN.waw1-01:M
x-cf-reqid: 51402fba36ef977db3da3730b74b36b3
content-length: 164316
x-xss-protection: 1; mode=block
x-cf2: H
last-modified: Tue, 04 Aug 2015 13:14:26 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 905531
accept-ranges: bytes
x-cf-rand: 99.811
expires: Mon, 26 Dec 2022 18:30:32 GMT

GET
H/1.1 200
OK hover.css
ngembassy.info/themes/default/assets/dist/css/ 102 KB
7 KB 324ms
109ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/hover.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1971f-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7203

GET
H/1.1 200
OK custom.css
ngembassy.info/themes/default/assets/dist/css/ 40 KB
7 KB 324ms
110ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/custom.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Oct 2021 22:47:08 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "9fa1-5cf99b938b300-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7222

GET
H/1.1 200
OK jQuery-2.1.4.min.js Show response
ngembassy.info/themes/default/assets/plugins/jQuery/ 82 KB
29 KB 334ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/jQuery/jQuery-2.1.4.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14979-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 29532

GET
H/1.1 200
OK jquery.inputmask.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 88 KB
16 KB 336ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "161ab-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15666

GET
H/1.1 200
OK jquery.inputmask.date.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 22 KB
3 KB 431ms
108ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.date.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "591e-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2827

GET
H/1.1 200
OK jquery.inputmask.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 5 KB
2 KB 432ms
107ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14c3-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1197

GET
H/1.1 200
OK custom_css
ngembassy.info/ 24 KB
5 KB 437ms
221ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: 00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 12:08:26 GMT
Content-Encoding: gzip
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 4420
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 107ms
45ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53bcc9be8ada3b69949f6de313721f56a91ddab2c35d6dd43ed94fae1f244c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Jan 2023 12:08:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 156ms
93ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15c09ec30728b8fa9b6321db4cbc61f1c3cfba1e9aaa44f3a59acf58ffbebc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49907
x-xss-protection: 0
server: cafe
etag: 1570942580048248936
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 12:08:27 GMT

GET
H/1.1 200
OK title_logo_embassy.png
ngembassy.info/uploads/ 2 KB
2 KB 278ms
176ms Image
image/png 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/title_logo_embassy.png
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Last-Modified: Mon, 14 Dec 2020 00:42:02 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "800-5b661e9136a80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2048

GET
H/1.1 200
OK bootstrap.min.js Show response
ngembassy.info/themes/default/assets/bootstrap/js/ 35 KB
10 KB 110ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "8c6f-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9539

GET
H/1.1 200
OK select2.full.min.js Show response
ngembassy.info/themes/default/assets/plugins/select2/ 70 KB
20 KB 111ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.full.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11604-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 20119

GET
H/1.1 200
OK moment.min.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 34 KB
12 KB 109ms
109ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/moment.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "87b1-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11869

GET
H/1.1 200
OK daterangepicker.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 52 KB
10 KB 113ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/daterangepicker.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "d1af-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9373

GET
H/1.1 200
OK bootstrap-timepicker.min.js Show response
ngembassy.info/themes/default/assets/plugins/timepicker/ 15 KB
4 KB 112ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/timepicker/bootstrap-timepicker.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3c5d-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3494

GET
H/1.1 200
OK icheck.min.js Show response
ngembassy.info/themes/default/assets/plugins/iCheck/ 4 KB
2 KB 111ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/iCheck/icheck.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11a4-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2161

GET
H/1.1 200
OK jquery.slimscroll.min.js Show response
ngembassy.info/themes/default/assets/plugins/slimScroll/ 6 KB
2 KB 175ms
175ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/slimScroll/jquery.slimscroll.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1856-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2062

GET
H/1.1 200
OK fastclick.min.js Show response
ngembassy.info/themes/default/assets/plugins/fastclick/ 9 KB
3 KB 174ms
173ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/fastclick/fastclick.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2248-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2831

GET
H/1.1 200
OK app.min.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 173ms
172ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/app.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2402-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2863

GET
H/1.1 200
OK imagelightbox.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 173ms
173ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/imagelightbox.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "25d4-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2488

GET
H/1.1 200
OK custom_js Show response
ngembassy.info/ 16 KB
16 KB 192ms
192ms Script
text/style 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 12:08:27 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: text/style;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cookieinfo.js Show response
ngembassy.info/scripts/ 7 KB
3 KB 110ms
109ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/scripts/cookieinfo.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 22:02:28 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1dc9-5d0daf6f12500-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2984

GET
H/1.1 200
OK fontawesome-webfont.woff2
ngembassy.info/themes/default/assets/font-awesome/fonts/ 63 KB
63 KB 280ms
181ms Font
font/woff2 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Origin: https://ngembassy.info
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:27 GMT
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "fbd0-56f6c65a4bf00"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 64464

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 139ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HX21LM9FM&gtm=2oebu0&_p=898813715&cid=539259531.1672661307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672661307&sct=1&seg=0&dl=https%3A%2F%2Fngembassy.info%2F&dt=ngEmbassy%20%3A%20Integrated%20Information%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngembassy.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa3bce314cdc673026cb35a4013f52c86f72d5d97e1a26bfd631b3ba8585e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120013
x-xss-protection: 0
server: cafe
etag: 9388120392976784487
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 12:08:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame ACD1 10 KB
5 KB 140ms
39ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 37798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:38:29 GMT
etag: 10353107486223812946
expires: Mon, 16 Jan 2023 01:38:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
698 B 110ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ngembassy.info&callback=_gfp_s_&client=ca-pub-2910357982650786&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ce99f1c5aff38136ab2a13aa771fd17dddb63a08ba4c539d1396dab48ff7610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 301ms
160ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 123ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1791 498 KB
88 KB 765ms
684ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1672661307&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661307270&bpp=10&bdt=747&idt=195&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6261394787486&frm=20&pv=2&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4c8bbc2a88eb0c809d16568191c128afbd24a9c55958cb1cd137979d8b55dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 89927
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:28 GMT
expires: Mon, 02 Jan 2023 12:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 565D 84 KB
30 KB 827ms
755ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672661307&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661307280&bpp=3&bdt=757&idt=211&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HPNGUhGGIM&p=https%3A//ngembassy.info&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc5f4080b59632e4316a2e54f935db26e55ed61b6f73b2fc4e9f2a127a5477e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30686
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:28 GMT
expires: Mon, 02 Jan 2023 12:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css
fonts.googleapis.com/ Frame 565D 6 KB
1 KB 94ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672661307&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661307280&bpp=3&bdt=757&idt=211&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HPNGUhGGIM&p=https%3A//ngembassy.info&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 11:19:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

022f78a2d80398a831f7ca53c5245038f05fbff1ffa80fc720f519697c19a9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52379
x-xss-protection: 0
server: cafe
etag: 3477867279377585662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 364ms
62ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 89ms
35ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A34E 436 B
237 B 420ms
419ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.2431322315~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=u8kcxIajrv&p=https%3A//ngembassy.info&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

529ac172d95cd5567e61bd5d3b91c26f2883718748065cd6e249c5e5345547f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:28 GMT
expires: Mon, 02 Jan 2023 12:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C71 30 KB
12 KB 399ms
398ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=1776016447&pi=t.aa~a.165272966~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jkrnHkRzPN&p=https%3A//ngembassy.info&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d36c42df2c748000ad8a56af34613b73b990b10d5ccad089c546425d538da711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:28 GMT
expires: Mon, 02 Jan 2023 12:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09EE 30 KB
12 KB 498ms
497ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a458f9dba6e6f680921f3726eb9395838420308938cfda17746743c2e64445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:28 GMT
expires: Mon, 02 Jan 2023 12:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 565D 2 KB
846 B 120ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 09:01:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 565D 0
0 81ms
81ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy93lO8myY-DYJdG17APzsYnoCZ2usJ9u2OT-yOoP9LvWrpYOEAEgyv7WhwFg-wGgAe-d_9soyAEJqQJShg5hgmF7PqgDAcgDywSqBMcBT9C3VFv7snJh_PteHVPvlit1miy-1rjXg8GV3L1YFzh0Je45givnnRSjGzxWTMbECLBdu0aDTv8aA_dq7pTPCxClBJlp5ot_EPp5LmHyjDUJuXns2IT8liP4U3zOy2Kr4kgkCix1Wm5XhdUd1Jk6gj_AcQ_XbUPX_FtjC0Lk8hceXkFXGiUxqjrob8psLZn02YYPciI0DX7NVfUA4EE57wj6MGCcWXN7IeMOsnJwJPR042gPoG7eUIJqulkzT-edx83M5rtyYcAE_OPv9aAEkgUECAQYAZIFBAgFGASgBi6AB5qE_bsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqZsB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQF0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=hpA49ASdwsQ&uach_m=[UACH]&cid=CAQSGwDq26N9wmjfwgGBo1TblMvsENq8lN_00rUQYRgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672661307&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661307280&bpp=3&bdt=757&idt=211&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HPNGUhGGIM&p=https%3A//ngembassy.info&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 12:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 565D 23 KB
10 KB 111ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 565D 3 KB
1 KB 119ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 565D 18 KB
7 KB 114ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 565D 153 KB
47 KB 214ms
101ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 565D 34 KB
14 KB 87ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:05:50 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1973159080568613846/ Frame 565D 12 KB
13 KB 132ms
48ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1973159080568613846/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8839b2d0b14eb193540520bebc9e3c49df90f7f54e5c7f81a13282de5ec1f792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 07:42:33 GMT
x-content-type-options: nosniff
age: 15955
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12666
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:26:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jan 2024 07:42:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12897371030609539648/ Frame 565D 2 KB
2 KB 137ms
54ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12897371030609539648/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9f4fd72e7f700a29c813e03b8bd94d77385cb2ce3d22e8c64a0ed6351e34be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 12:17:33 GMT
x-content-type-options: nosniff
age: 85855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:26:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 12:17:33 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame DFB6 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 37797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:38:31 GMT
etag: 10353107486223812946
expires: Mon, 16 Jan 2023 01:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 2672 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 37797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:38:31 GMT
etag: 10353107486223812946
expires: Mon, 16 Jan 2023 01:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 26EB 10 KB
4 KB 98ms
97ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 37797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:38:31 GMT
etag: 10353107486223812946
expires: Mon, 16 Jan 2023 01:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame C621 10 KB
4 KB 97ms
96ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 37797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:38:31 GMT
etag: 10353107486223812946
expires: Mon, 16 Jan 2023 01:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 565D 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8def2ad5ac1038000a229b890d2784be122bde5b1c166b8d3fccb254130eb3fd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame DFB6 4 KB
636 B 100ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 12:06:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DFB6 205 B
229 B 109ms
47ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 18:00:06 GMT
x-content-type-options: nosniff
age: 65302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jan 2024 18:00:06 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DFB6 604 B
628 B 108ms
46ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 10:55:38 GMT
x-content-type-options: nosniff
age: 4370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Jan 2024 10:55:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame DFB6 19 KB
8 KB 113ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 09:01:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2672 2 KB
765 B 105ms
63ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2672 23 KB
9 KB 90ms
50ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2672 3 KB
1 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2672 18 KB
7 KB 78ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2672 153 KB
47 KB 300ms
218ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 2672 34 KB
14 KB 63ms
34ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:05:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 26EB 2 KB
765 B 82ms
62ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 26EB 23 KB
9 KB 46ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 26EB 3 KB
1 KB 79ms
63ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 26EB 18 KB
7 KB 49ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26EB 153 KB
47 KB 165ms
105ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 26EB 34 KB
14 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:05:50 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame C621 9 KB
4 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 12:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 12:48:40 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame C621 10 KB
4 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 22:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 22:26:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C621 8 KB
895 B 40ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 11:40:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C621 2 KB
765 B 73ms
63ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame C621 23 KB
9 KB 59ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C621 3 KB
1 KB 75ms
65ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C621 18 KB
7 KB 70ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C621 153 KB
47 KB 266ms
212ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame C621 34 KB
14 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:05:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C621 0
0 84ms
83ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFkiiO8myY5XbJbuDiM0PtN2pyAP3-e6eboT309KKEJiS-IezAhABIMr-1ocBYPsBoAHvnf_bKMgBAakCUoYOYYJhez6oAwGqBMQBT9DuYJ3V_5LpPCnImXYQAhZ_-Gs8xnKuROIDvhm0ahF4Q_ZDJd-BEmDbVb0cU4lGaIhpeMkwqmgK4cUEFFJ9o93urEYoCJg6PA0C_WjxlgYjqTQgZERSKIqpWyCUpvDIcagKjGxGofVxmFAIot5Dr9w-vX_j6bCf-pV1oF8rCDVwY4luAz0z_E1XtZpFUWHepqBrpDT2LYKyllKG4MECCJrrFb1EK7AXgizxRFZHgqv0NVmkNF_P2Oc_9puDeSiqeiCMa8AEqML4goIEkgUECAQYAZIFBAgFGASAB57D1bsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQq13SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=kuXmjeMGY7g&uach_m=[UACH]&cid=CAQSGwDq26N92cPJqmGXsKSK2jSMF-ZJl9PsJVlT1RgBIBM&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 12:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D517 8 KB
895 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 12:06:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D517 2 KB
765 B 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 09:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D517 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 14:28:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D517 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D517 18 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D517 153 KB
47 KB 167ms
167ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame D517 34 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:05:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 565D 15 KB
15 KB 107ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 228464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 565D 15 KB
16 KB 126ms
57ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 588216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 565D 15 KB
16 KB 95ms
28ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 318373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 19:42:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 496E 143 B
166 B 41ms
41ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 11:43:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A6F 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 11:43:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ADDB 0
0 85ms
85ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVi8XPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwAFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrXTE5z2nOywNifhm0XHdQFww9CFn3h4Wpg8bOiXH1q20BEo7vkHGABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=rvMHZth3PdE&uach_m=[UACH]&cid=CAQSOwDq26N9ZHbu3M-MzDI9ZkwutnzUtf5uX7Q5BQxOv1aoVfnT0r_FEkOWwuViahlt_KMCyva7_jORgZWmGAEgEw

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=1776016447&pi=t.aa~a.165272966~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jkrnHkRzPN&p=https%3A//ngembassy.info&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 12:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame ADDB 0
0 89ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hapty4311me9d3g7s8xf4sc4z43r23y2ryxq5znwxgaj31q5tjr0cajrv6w4mgtstyn8rcnb5wmh2f87889kskjv93ptgy5zzvwybax1jxzkmdx7r7cgsa5hj4cdbb3kykg5jg9hxcsxvv7ye87g6sw3vchn7qzk9ysf408wpnjv31n8y098mc1t2qen6wva69nafw460jk3q9jn38mmpgbgks2shjnnwjgs33jkesd8q2nzd7xyxkpermhpeajw2hf3zp29ka1k2jbghew6k0evghetrgghvvgvx4b06dk9dvx3twehqn0b935qkbgcz7ze29q9mvyqae8ar7cr6gxvz0rf0hhhebdba326y7qydzv0s9xn6xh54vgrxtwc1kn6arzg0&b=Y7LJPAAHEI4KGBsRAAJTLfEOBWvBkTAqFoK0nQ
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 12:08:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4786 2 KB
3 KB 110ms
42ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gd43vbsfa0rjm9ty8az96xf1ggdnxbh46etkrx4gagqzptaar0nt2cy1vnh2dt28w4smxcjx43dzwsdbs2p822mtvz132gj6p4j36j573vbg4dh81n8vyw1r59hc7q26zfgectythj2yr3ngvesfxdhmpffm0m0hegrmcyf01g791gyr61sh3zcxdzqt3bpvv1qm27pa33a3gad8vqthmbdj19cygcrhjdbph1dk54krq1zc7af8atfxqyz0rnmj59xd57t790r5dpscdzm14aetrmhk9frrzdehb9121hch6g8xkhtntmwwp497vakcrb2axa4qzqbks4jhsmvr6rcm8saqenrdz189hdcnjr5jcw7fep3nndacp6jg5kxkp85qn03gj01dprxf4kaxgfsqbpc24j7r2ek2ebk2hs82xcv0c5ch1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=1776016447&pi=t.aa~a.165272966~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jkrnHkRzPN&p=https%3A//ngembassy.info&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9f619a2a97df50605579cb27343705a784b45a1a8ad233fef40d2d9260c68e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7833615cbab6f180-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:28 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame ADDB 3 KB
1 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D2F5 1 KB
643 B 31ms
30ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 9760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 09:25:48 GMT
etag: 48472445140208031
expires: Tue, 03 Jan 2023 09:25:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame ADDB 18 KB
7 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADDB 153 KB
47 KB 125ms
120ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 496E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
66ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: Mon, 02 Jan 2023 12:08:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A6F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

79ms
79ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: Mon, 02 Jan 2023 12:08:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ADDB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b54f6cb328bdc60c04040684ddd7ab4061b5445bf1ccbb568dbaefd1301d5e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKMcdft33HjjhENH96XNvGo&google_cver=1&google_push=AavPq0P17F17IzdmiyCWdpinBB-RfTU2GXNzROd3TzdCOvzfCU-41hZ0aJrAS06Z9YjAY14LwjgT_ReUsMnY3rA7FRPeX_1L_lbxF1qJ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0P17F17IzdmiyCWdpinBB-RfTU2GXNzROd3TzdCOvzfCU-41hZ0aJrAS06Z9YjAY14LwjgT_ReUsMnY3rA...

170 B
188 B

91ms
40ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0P17F17IzdmiyCWdpinBB-RfTU2GXNzROd3TzdCOvzfCU-41hZ0aJrAS06Z9YjAY14LwjgT_ReUsMnY3rA7FRPeX_1L_lbxF1qJ

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Jan 2023 12:08:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0P17F17IzdmiyCWdpinBB-RfTU2GXNzROd3TzdCOvzfCU-41hZ0aJrAS06Z9YjAY14LwjgT_ReUsMnY3rA7FRPeX_1L_lbxF1qJ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 01 Jan 2023 12:08:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGHtUjz52MJBBHWi6wUF5ak&google_cver=1&google_push=AavPq0MIj24sswpziWMmmr8rVgf6b3x_juNNFj93DfA569ezjH-O6p8rfaSziyP527LEbW7Jptz7HcQ4tQH...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0MIj24sswpziWMmmr8rVgf6b3x_juNNFj93DfA569ezjH-O6p8rfaSziyP527LEbW7Jptz7HcQ4tQHi0ahuriNgTB_5JyvXAeaq&google_hm=pAEX_AoaQgO3BlK2...

170 B
188 B

101ms
47ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0MIj24sswpziWMmmr8rVgf6b3x_juNNFj93DfA569ezjH-O6p8rfaSziyP527LEbW7Jptz7HcQ4tQHi0ahuriNgTB_5JyvXAeaq&google_hm=pAEX_AoaQgO3BlK2Euk457M

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0MIj24sswpziWMmmr8rVgf6b3x_juNNFj93DfA569ezjH-O6p8rfaSziyP527LEbW7Jptz7HcQ4tQHi0ahuriNgTB_5JyvXAeaq&google_hm=pAEX_AoaQgO3BlK2Euk457M
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDuBfZ89zDH-b10E6ix2vf8&google_cver=1&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDuBfZ89zDH-b10E6ix2vf8&google_cver=1&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW&google_hm=fLPxhWmSQfSTrbAosLY...

170 B
188 B

45ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW&google_hm=fLPxhWmSQfSTrbAosLY0Bg==

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW&google_hm=fLPxhWmSQfSTrbAosLY0Bg==
date: Mon, 02 Jan 2023 12:08:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG9Zl-4cwE3O-VzCNrfinn4&google_cver=1&google_push=AavPq0Ob4apRKlc1jTwEoeV4dZxcTLzGwT_90fQ4MXDOZQoYUZ76ZY4gXiWplQD_1UBlrJufICpkwBvDF6wNNIV1040qUIS...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Ob4apRKlc1jTwEoeV4dZxcTLzGwT_90fQ4MXDOZQoYUZ76ZY4gXiWplQD_1UBlrJufICpkwBvDF6wNNIV1040qUISyJ2-AGK2d&google_hm=eS01aXRvSzNkRTJwRX...

170 B
188 B

74ms
36ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Ob4apRKlc1jTwEoeV4dZxcTLzGwT_90fQ4MXDOZQoYUZ76ZY4gXiWplQD_1UBlrJufICpkwBvDF6wNNIV1040qUISyJ2-AGK2d&google_hm=eS01aXRvSzNkRTJwRXBWV2VQdzRRcTBPMTVFQ1FrdXpGSH5B

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Jan 2023 12:08:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Ob4apRKlc1jTwEoeV4dZxcTLzGwT_90fQ4MXDOZQoYUZ76ZY4gXiWplQD_1UBlrJufICpkwBvDF6wNNIV1040qUISyJ2-AGK2d&google_hm=eS01aXRvSzNkRTJwRXBWV2VQdzRRcTBPMTVFQ1FrdXpGSH5B
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame D2F5 35 B
125 B 271ms
47ms Image
image/gif 213.155.156.184
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESECuz_UOisDniBd_e9aMPTsA&google_cver=1&google_push=AavPq0NGdhenuFE6ksJ7rA4a1panMQa8mbtpzB2O4NNlTsf6AopdzdPvEU2JSf-vTYUTT0tn-EtMFt6lzn-h0oO4psG6fkG-sUK2-Bty
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=1776016447&pi=t.aa~a.165272966~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=jkrnHkRzPN&p=https%3A//ngembassy.info&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.184 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-184.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFYE4wgDCNaxhqXc7uc3SQY&google_cver=1&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-o...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFYE4wgDCNaxhqXc7uc3SQY&google_cver=1&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2eu...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-oU...

170 B
188 B

42ms
41ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-oUy-d7sXEPmi5VBFINXy4uQj9

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0NzD6pk9DE8-Eboi2y2KPrAZxyImRl86j9Kg_nAQNgy_zC7SE0gpTdbI5MpxSRCnHqO2euge2-oUy-d7sXEPmi5VBFINXy4uQj9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBgigzzR6CeivD3IIjnUUC4&google_cver=1&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcUOwcuD_...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBgigzzR6CeivD3IIjnUUC4&google_cver=1&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcU...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Lr_ByhKzSaKtGgdUoZ5SPw&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAc...

170 B
188 B

47ms
46ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Lr_ByhKzSaKtGgdUoZ5SPw&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcUOwcuD_eil2696F0_

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Lr_ByhKzSaKtGgdUoZ5SPw&google_push=AavPq0N6Pz1Dzr8BuvIVE4kADMBdKdX9qOpfSly08WJJiaGUa8nHnRW-pDDoEWyBHee-QOwmIMjkVsJhkfrohAcUOwcuD_eil2696F0_
access-control-allow-origin: *
date: Mon, 02 Jan 2023 12:08:29 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D2F5 0
223 B 256ms
35ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jr5GJd5xa8VQIe6cyAg99dgWemOd_x1AwMR6_j1f4dNTTKdyDcAgpy4k04qqrZw_N_pt2C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C6BF 36 KB
16 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 11:08:10 GMT

GET
H3 200 7497182826023820093
tpc.googlesyndication.com/daca_images/simgad/ Frame 26EB 9 KB
9 KB 152ms
152ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7497182826023820093?w=180&h=360

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e0ca290142ead6b9b275a9900a8b36e3ede203de952693244231b8466c2902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 05:07:00 GMT
x-content-type-options: nosniff
age: 25288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9060
x-xss-protection: 0
last-modified: Sun, 01 Jan 2023 03:26:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Jan 2023 05:07:00 GMT

GET
DATA 200
OK truncated
/ Frame 26EB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fc73d1cf44e613b16924c0035674bea6de8ba033f87f62ff5ce4c5015226ef9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 8B36 2 KB
2 KB 215ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kmwh69ynhpbrd7h29bacswvmy78qe9ejnbnvb0cvzzc3vrwz29d47apnj29qbtm2kmzbnr5hhah5rjej372t2zjwgshyj9880gy4ckrwpxt9gem77xgzx2hj11ae21rvxa8hakg6xvcd4vpzr54ktsgjsj1h1f1dbcdmq9qvgb00h7fa4r361yt2hct7ppx6ra0h4cy49ndjxst2vd3ck1gms20s7qg0atxafgf5cr6yn99p3f75scr76x1k8jd0rgcf6xfbyz80mgtq3hx884yga6ck7gpfv8pjqbk7gv3rjmcwjkakqakennw6cjgxqk75n6py316f4t5e4px10m7xww65fr43fss9aapjavr0xqtcj65g44zza310v3309chcw9w80d58scdhmsebgc8cdaxssrhys82a1bgzfpkeftcsgbbxg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82e93240c53a5e1321e432f811a8a09216ca539df9c9b014441d1f164a322df

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7833615e3eb7d62e-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2FA4 3 KB
1 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 11:11:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F791 1 KB
643 B 166ms
34ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 9761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 09:25:48 GMT
etag: 48472445140208031
expires: Tue, 03 Jan 2023 09:25:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2FA4 18 KB
7 KB 136ms
134ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 08:56:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2FA4 0
0 123ms
122ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdlaGKuAknlRFlgd9UnEQm1MnUmrw6g7GS2ejXI_kyCPoWFjDIikcpDWQoWdEoXQ2gdGQUSSOKSe9vhmH5RtNJeqzR1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FA4 153 KB
47 KB 151ms
149ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:29 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 4786 89 KB
12 KB 83ms
41ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gd43vbsfa0rjm9ty8az96xf1ggdnxbh46etkrx4gagqzptaar0nt2cy1vnh2dt28w4smxcjx43dzwsdbs2p822mtvz132gj6p4j36j573vbg4dh81n8vyw1r59hc7q26zfgectythj2yr3ngvesfxdhmpffm0m0hegrmcyf01g791gyr61sh3zcxdzqt3bpvv1qm27pa33a3gad8vqthmbdj19cygcrhjdbph1dk54krq1zc7af8atfxqyz0rnmj59xd57t790r5dpscdzm14aetrmhk9frrzdehb9121hch6g8xkhtntmwwp497vakcrb2axa4qzqbks4jhsmvr6rcm8saqenrdz189hdcnjr5jcw7fep3nndacp6jg5kxkp85qn03gj01dprxf4kaxgfsqbpc24j7r2ek2ebk2hs82xcv0c5ch1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gd43vbsfa0rjm9ty8az96xf1ggdnxbh46etkrx4gagqzptaar0nt2cy1vnh2dt28w4smxcjx43dzwsdbs2p822mtvz132gj6p4j36j573vbg4dh81n8vyw1r59hc7q26zfgectythj2yr3ngvesfxdhmpffm0m0hegrmcyf01g791gyr61sh3zcxdzqt3bpvv1qm27pa33a3gad8vqthmbdj19cygcrhjdbph1dk54krq1zc7af8atfxqyz0rnmj59xd57t790r5dpscdzm14aetrmhk9frrzdehb9121hch6g8xkhtntmwwp497vakcrb2axa4qzqbks4jhsmvr6rcm8saqenrdz189hdcnjr5jcw7fep3nndacp6jg5kxkp85qn03gj01dprxf4kaxgfsqbpc24j7r2ek2ebk2hs82xcv0c5ch1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 516074
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc7Kr1ANQYaNLmrE4ouSsK5FFr2diAd9nu84k%2B%2F%2Ff9d7ipi2KjTqXVkOxNKuULhcWR9rGIviWoxIlMJyQJbKegbDcVKBMwPU1ZZCkVIZ0CzfKil6HDjg26ue1oxi9uOOxpo2C9KIATQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7833615e3eb3d62e-CDG
expires: Mon, 02 Jan 2023 13:08:29 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4786 35 KB
12 KB 87ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gd43vbsfa0rjm9ty8az96xf1ggdnxbh46etkrx4gagqzptaar0nt2cy1vnh2dt28w4smxcjx43dzwsdbs2p822mtvz132gj6p4j36j573vbg4dh81n8vyw1r59hc7q26zfgectythj2yr3ngvesfxdhmpffm0m0hegrmcyf01g791gyr61sh3zcxdzqt3bpvv1qm27pa33a3gad8vqthmbdj19cygcrhjdbph1dk54krq1zc7af8atfxqyz0rnmj59xd57t790r5dpscdzm14aetrmhk9frrzdehb9121hch6g8xkhtntmwwp497vakcrb2axa4qzqbks4jhsmvr6rcm8saqenrdz189hdcnjr5jcw7fep3nndacp6jg5kxkp85qn03gj01dprxf4kaxgfsqbpc24j7r2ek2ebk2hs82xcv0c5ch1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 539408
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npG60FXCipXVxDaDW%2B0ajuhjwyg6IOKyHiacXV%2FpmKdrHckPQcakzy0ZOgBhyPGZbIWoCx5a3lqMcEnGI0MOFaNbWYXK%2BTR4LDsmJ2xWgf%2FI7LcXtICi%2BOYCnzkXy3W6jecRcH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7833615e4c80f180-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 27 Dec 2022 06:18:11 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D60E 36 KB
16 KB 60ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 11:08:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2FA4 0
0 118ms
81ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTr-JPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwAFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDUMgB5AO2e_pWRi7N7zgpnvaMnxdIg_MoIdK0bNtujblyx9g7qm2ABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=2SaB7NQsBNM&uach_m=[UACH]&cid=CAQSOwDq26N9_gpALeIc4V23_XfAsphSDxPzVObr5tEeYBb0XNtp4pgpSWkIklksuYRFJQ5JOpNzbnE36zAWGAEgEw&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 12:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 2FA4 0
0 98ms
30ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g3pthvr1vq3ny4264pybg2kk7p8f7c3n9wg7jhjct2tryk7sfe6ym9p6ybbpt0bex8hgggqs0qk3012mc7er71910dm7b8y5p8yp3vhmqspcvm845gcv242tvhv4c9yenyp3kep3we2ekzxna7f93sz1317jh42ane3h7c7fymvbs630dataf68j1xbn4efay5gj9gx0537m7r2tqx38f3kea4a4jqnc1vjr304vc6wy85vserg4jz8tpa5xk00y2q2dwfjn3hjxs4b411tsxrjm165s1b1rqtj1hq927922hzjwj54jgg5907b5xw5w7ytvmt26vn92834v437dfwe5xchshbfdbt5yac669pmeak98e80md07ymyrqter1j8gn8963r&b=Y7LJPAAHOJAKGJRVAAcIzB-b6IICNGYf3B5hqQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 12:08:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26EB 0
20 B 78ms
60ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20221207&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26EB 0
17 B 116ms
82ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn7uFO8myY5TbJbuDiM0PtN2pyAP3-e6eboT309KKEJiS-IezAhABIMr-1ocBYPsBoAHvnf_bKMgBAakCUoYOYYJhez6oAwHIA8sEqgTDAU_Q-MT6j024l5cXFI84Kcmi7RPL8MamoxjyzKwBru-wFP_L14uMNcbAPrLzoq5RKUWg9tSqaGmJ8leorV5xUIMu9cgrLniiVDO7WDuDUiLQahbPkqRDi5o19h6kUjlsaIy17sAUPGA0J3YoMtpjREc8n9G7AoSIsnd_JuGiltN3kme67rNK9MM-AZQpnEEl7FzTBLlGvR8cc5kOlEV4mC3rK2zIapcOt0tf23kMHeLEnmhLZzTMiwkkkNjxt2goqnyjrsAEqML4goIEkgUECAQYAZIFBAgFGASgBgKAB57D1bsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQhFjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=K2OS19MK_M8&uach_m=[UACH]&cid=CAQSGwDq26N92cPJqmGXsKSK2jSMF-ZJl9PsJVlT1RgBIBM&vis=1

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 12:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 8B36 89 KB
11 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmwh69ynhpbrd7h29bacswvmy78qe9ejnbnvb0cvzzc3vrwz29d47apnj29qbtm2kmzbnr5hhah5rjej372t2zjwgshyj9880gy4ckrwpxt9gem77xgzx2hj11ae21rvxa8hakg6xvcd4vpzr54ktsgjsj1h1f1dbcdmq9qvgb00h7fa4r361yt2hct7ppx6ra0h4cy49ndjxst2vd3ck1gms20s7qg0atxafgf5cr6yn99p3f75scr76x1k8jd0rgcf6xfbyz80mgtq3hx884yga6ck7gpfv8pjqbk7gv3rjmcwjkakqakennw6cjgxqk75n6py316f4t5e4px10m7xww65fr43fss9aapjavr0xqtcj65g44zza310v3309chcw9w80d58scdhmsebgc8cdaxssrhys82a1bgzfpkeftcsgbbxg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kmwh69ynhpbrd7h29bacswvmy78qe9ejnbnvb0cvzzc3vrwz29d47apnj29qbtm2kmzbnr5hhah5rjej372t2zjwgshyj9880gy4ckrwpxt9gem77xgzx2hj11ae21rvxa8hakg6xvcd4vpzr54ktsgjsj1h1f1dbcdmq9qvgb00h7fa4r361yt2hct7ppx6ra0h4cy49ndjxst2vd3ck1gms20s7qg0atxafgf5cr6yn99p3f75scr76x1k8jd0rgcf6xfbyz80mgtq3hx884yga6ck7gpfv8pjqbk7gv3rjmcwjkakqakennw6cjgxqk75n6py316f4t5e4px10m7xww65fr43fss9aapjavr0xqtcj65g44zza310v3309chcw9w80d58scdhmsebgc8cdaxssrhys82a1bgzfpkeftcsgbbxg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 516074
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1corVACqGadpbaBogSCm5%2FzWEBMVSuaXOVEb%2FJgqcP4KIdh1yVXlxjRNekUYC9FwlyogBvkkURIBfuRLx2gYWSlblC0eK%2F59%2BVUkP4emPGhYTbtiCPM9%2FEthR9B1Oe%2BtHUK98TMV3js%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7833615f58cfd62e-CDG
expires: Mon, 02 Jan 2023 13:08:29 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 8B36 35 KB
12 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmwh69ynhpbrd7h29bacswvmy78qe9ejnbnvb0cvzzc3vrwz29d47apnj29qbtm2kmzbnr5hhah5rjej372t2zjwgshyj9880gy4ckrwpxt9gem77xgzx2hj11ae21rvxa8hakg6xvcd4vpzr54ktsgjsj1h1f1dbcdmq9qvgb00h7fa4r361yt2hct7ppx6ra0h4cy49ndjxst2vd3ck1gms20s7qg0atxafgf5cr6yn99p3f75scr76x1k8jd0rgcf6xfbyz80mgtq3hx884yga6ck7gpfv8pjqbk7gv3rjmcwjkakqakennw6cjgxqk75n6py316f4t5e4px10m7xww65fr43fss9aapjavr0xqtcj65g44zza310v3309chcw9w80d58scdhmsebgc8cdaxssrhys82a1bgzfpkeftcsgbbxg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 539408
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3tfPkbAeVv9m%2BfgxpU2cXGJKeYtRskPO0JzSH5nbfpPWZl6LUVQ475rYVt3T1l7JmUOxzIJS1q5XK6IN3x0Dr6%2BIq2P0w%2FlGcwYySePJNQ8sCtGGg%2Bx7dhV5kM12J7i89GHnOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7833615f58d1d62e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 27 Dec 2022 06:18:11 GMT

GET
DATA 200
OK truncated
/ Frame 2FA4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 566801ffec305cad8fff811d1f8bdeda134444f3a9f7a6376a614f61eed07b39

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6754891836638084800
tpc.googlesyndication.com/daca_images/simgad/ Frame 2672 9 KB
9 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6754891836638084800?w=180&h=360

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefd4b3b4358c174a20f53199c621e2cfd404d469743ca5a0c89c683e399b878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 17:27:35 GMT
x-content-type-options: nosniff
age: 67254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9399
x-xss-protection: 0
last-modified: Sun, 01 Jan 2023 03:26:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Jan 2023 17:27:35 GMT

GET
DATA 200
OK truncated
/ Frame 2672 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be37a65b7f457ef2d69f7fc5ebd47cf37d0f866631ec9d1f8f06dd59d7c5ecb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F791
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKaZVkjK3Z_H3_S83dX1yr8&google_cver=1&google_push=AavPq0NHtVct--D6_XI9P4DUK9IPbZL0QBKSrp2YpV9fZA9Fzhw-nNSyBISzAlwFEoFvY7aOcMwZSe7VZQ7LE9ZmhXOSMKvBXCzPlbo
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzczNjA2MTUzMjc2MjAwMjMzNA==&gdpr=&gdpr_consent=

170 B
188 B

47ms
38ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzczNjA2MTUzMjc2MjAwMjMzNA==&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzczNjA2MTUzMjc2MjAwMjMzNA==&gdpr=&gdpr_consent=
pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F791
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJha09NIKlCoS5QmRr1fUNk&google_cver=1&google_push=AavPq0OKczNEQe_bGaFMNsCUTZrKUNMTIXxjpmYgFbPBT6UjB4FkEY8wRlCx9OYuFG9Uu7k4h0RGpUA63phozBlL...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OKczNEQe_bGaFMNsCUTZrKUNMTIXxjpmYgFbPBT6UjB4FkEY8wRlCx9OYuFG9Uu7k4h0RGpUA63phozBlLWWTaG2xHRNTEpsk

170 B
188 B

59ms
58ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OKczNEQe_bGaFMNsCUTZrKUNMTIXxjpmYgFbPBT6UjB4FkEY8wRlCx9OYuFG9Uu7k4h0RGpUA63phozBlLWWTaG2xHRNTEpsk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 Jan 2023 12:08:29 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OKczNEQe_bGaFMNsCUTZrKUNMTIXxjpmYgFbPBT6UjB4FkEY8wRlCx9OYuFG9Uu7k4h0RGpUA63phozBlLWWTaG2xHRNTEpsk
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 02 Jan 2023 12:08:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F791
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFy--NagN-oLosJO_kJC4dI&google_cver=1&google_push=AavPq0MxZg4wH3BVh78Fpu3l1PZ1jJuXdugFK_-kAIkQvJBQald2lEMQ1Wu5Ps0i8STMSWLqgOs5TcmApcY8y0tpNEARxhGAYmazSAI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0MxZg4wH3BVh78Fpu3l1PZ1jJuXdugFK_-kAIkQvJBQald2lEMQ1Wu5Ps0i8STMSWLqgOs5TcmApcY8y0t...

170 B
188 B

44ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0MxZg4wH3BVh78Fpu3l1PZ1jJuXdugFK_-kAIkQvJBQald2lEMQ1Wu5Ps0i8STMSWLqgOs5TcmApcY8y0tpNEARxhGAYmazSAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Jan 2023 12:08:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1D4B78C35B431F9CF1FECE2162B14F&google_push=AavPq0MxZg4wH3BVh78Fpu3l1PZ1jJuXdugFK_-kAIkQvJBQald2lEMQ1Wu5Ps0i8STMSWLqgOs5TcmApcY8y0tpNEARxhGAYmazSAI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 01 Jan 2023 12:08:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F791
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELBGj2hwcaRQGMU5ejgXcL4&google_cver=1&google_push=AavPq0PLgfPYMkzCf4aLXEu0A8GLy570LuPHt7XzHMiMc1R2IIc5aOrkJY8Ku4eXS6HK_65MAHNzetqibuS...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PLgfPYMkzCf4aLXEu0A8GLy570LuPHt7XzHMiMc1R2IIc5aOrkJY8Ku4eXS6HK_65MAHNzetqibuS__opUoMoeVmJU247nwqw&google_hm=pAEX_AoaQgO3BlK2E...

170 B
188 B

45ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PLgfPYMkzCf4aLXEu0A8GLy570LuPHt7XzHMiMc1R2IIc5aOrkJY8Ku4eXS6HK_65MAHNzetqibuS__opUoMoeVmJU247nwqw&google_hm=pAEX_AoaQgO3BlK2Euk457M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PLgfPYMkzCf4aLXEu0A8GLy570LuPHt7XzHMiMc1R2IIc5aOrkJY8Ku4eXS6HK_65MAHNzetqibuS__opUoMoeVmJU247nwqw&google_hm=pAEX_AoaQgO3BlK2Euk457M
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
x.bidswitch.net/ Frame F791 0
71 B 114ms
111ms Image
text/plain 3.65.71.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOiC_9xcTsq3UXioPWNNlfQ&google_cver=1&google_push=AavPq0P3KPrGud2C372BzmIO_2Wmq6qkLEYgiP3iF3dltNIMfcJA4TvK-cds1CfOs6A6EYsCueXVfKEjwZWy47YbZZWGHHvOyoZXmik
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.71.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-71-95.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
cache-control: no-cache, no-store, must-revalidate

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F791
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEItkQkVlciXy70CDKS0FfJw&google_cver=1&google_push=AavPq0MGEmds-J-6uqbnSmK8v4dDSN5aiY6FMBBlDF3Wn3A4a2fV92_4vyOkNf-FFb9Emg0MzEgoGZgy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0MGEmds-J-6uqbnSmK8v4dDSN5aiY6FMBBlDF3Wn3A4a2fV92_4vyOkNf-FFb9Emg0MzEgoGZgyL...

170 B
188 B

44ms
44ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0MGEmds-J-6uqbnSmK8v4dDSN5aiY6FMBBlDF3Wn3A4a2fV92_4vyOkNf-FFb9Emg0MzEgoGZgyLibQLh__q5l4nuso7Kjr_g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwODY5MTk5MzM4NjQ2NjU&google_push=AavPq0MGEmds-J-6uqbnSmK8v4dDSN5aiY6FMBBlDF3Wn3A4a2fV92_4vyOkNf-FFb9Emg0MzEgoGZgyLibQLh__q5l4nuso7Kjr_g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F791
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDaVmvpwIxj3DEi8PfzEJow&google_cver=1&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRi...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRiV...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTQ2OTcyNjU1ODg5NjM3NDc0Nw%3D%3D&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQ...

170 B
188 B

52ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTQ2OTcyNjU1ODg5NjM3NDc0Nw%3D%3D&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRiVhAg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTQ2OTcyNjU1ODg5NjM3NDc0Nw%3D%3D&google_push=AavPq0MLzjZCYqzhiIZLM-0pCwCKygG-4zjgWhJlXl266f4bcOefMYEQKw9LgWPzQBEPNFt99u6Y5L174HOQ_WNNWHMIlyxbRiVhAg
date: Mon, 02 Jan 2023 12:08:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F791 0
12 B 38ms
35ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWbUnBWOu3YFVp3UzA2miBdtHmY8GA28Pz2gS8ArAt2PPdcBFNid3LmCGk2YerP4YjUKlG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=2820297975&adf=3016456172&pi=t.aa~a.3913624103~rp.1&daaos=1672657528806&w=1200&fwrn=4&fwrnh=100&lmt=1672661308&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672661308390&bpp=1&bdt=1867&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D42fc0cab2656c68c-2284be20eeda002b%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg&gpic=UID%3D00000b9c122af654%3AT%3D1672661307%3ART%3D1672661307%3AS%3DALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6261394787486&frm=20&pv=1&ga_vid=539259531.1672661307&ga_sid=1672661307&ga_hid=898813715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071220%2C44779794%2C44780792&oid=2&pvsid=1298285130990957&tmod=1032170220&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zhqmJDDl0q&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1009 36 KB
16 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 11:08:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2672 0
17 B 82ms
81ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cun1OO8myY5PbJbuDiM0PtN2pyAP3-e6eboT309KKEJiS-IezAhABIMr-1ocBYPsBoAHvnf_bKMgBAakCUoYOYYJhez6oAwHIA8sEqgTDAU_Q1-50lGNURjozImDr0iYGr999gW69kVD2Wl0T6qdSFtavNTFHF4dsA2Lp6exkTKShIO-4kuFzSz1Idbnp4Ke_6fdkZPg5PPcJFOpeUqM3joK7CweOZ3yr3kwXbeML3AOYSw-Lw8Q26nIIMU4dIsKylW8A8R0RacT2WdwYLq2t2xFuSu5duYMMZS6vbhwQVDUSFXUEz-O-6Td3uhHNyVqvUwx9REBOlOosGNU0oCXx6nbUMqu9msRh5OzYUEJkq6R558AEqML4goIEkgUECAQYAZIFBAgFGASgBgKAB57D1bsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQi44B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFATQFQGAFwGyFxwKGggAEhRwdWItMjkxMDM1Nzk4MjY1MDc4NhgA&sigh=HXdBlpNXX8o&uach_m=[UACH]&cid=CAQSGwDq26N92cPJqmGXsKSK2jSMF-ZJl9PsJVlT1RgBIBM&vis=1

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 12:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4786 3 KB
3 KB 110ms
33ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425
x-guploader-uploadid: ADPycdvuf-G1KID1gkOkM-g2aJQOCL2viarMyjcOegz_B5dhIE0orE4Bm68NYO2LrAFlD-l4buI6hLfkiI43xVG_fC7Lmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn%2FO5RIRh4NBA0MGnX%2BUN5%2FK7cUXpeNgqL3ybLCXgj%2BfZhP2W4BDYzha1yQovdzr3oPuJB0KkPecaNQAhl3qwCA1%2FCbbUVE9Jx4Yd2QHc2lHJDEgOeTG%2FuJVTc4O7y0QSkuzXLxd0CbM6r5XjG1mK19Q"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 783361615e0dd6ae-CDG
expires: Mon, 02 Jan 2023 12:37:09 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D6E2 36 KB
16 KB 39ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 11:08:10 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5A73 2 KB
1 KB 36ms
29ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1132415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 783361613be3d62e-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZynaEFhbcY6zZeWkr3eElWV5yKY5eoXyhVam32eHsAoyj1C8UBrs4ydD57ZKPfFp%2BE6ODh%2FAaVkRdMq%2Fqe7%2BxARg5rtqqYwvWyFwl%2BuChdd71n%2Bu6LxbxfX8H%2Bf%2Bp%2BeK8UnrB8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8B36 3 KB
4 KB 58ms
31ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1425
x-guploader-uploadid: ADPycdvuf-G1KID1gkOkM-g2aJQOCL2viarMyjcOegz_B5dhIE0orE4Bm68NYO2LrAFlD-l4buI6hLfkiI43xVG_fC7Lmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuXtUFjgLQXQBlpQZQFZ2GeqBKHUg8o%2FH%2FrZi9VLB0AUuLsxVhMRZJXBmCcIFSCJp3vP2fd2Y6krJXArzpuUucDqZYjuyG8dP4C581vPJyl0TuraIK%2FpltFfNcryrf18rxt%2B58UwikReTm9drOjthCo6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 783361615e0bd6ae-CDG
expires: Mon, 02 Jan 2023 12:37:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame DF62 2 KB
1 KB 36ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1132415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 783361613becd62e-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgINmwJBiPGOOKH4R48Prh7bsvapy1ZpSikIUFNhei6KmSAAt%2BR0E33e0eyX%2BtLv2vl1rX8Wv9wKnNrvzI4JwJiF0IX3XyotiKCJG6HYTlWcnzRc154AO%2BHlx2iwHIiSQ4%2Fn7dg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 136ms
79ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e2fff1c0e5a1b8abe42cc6e0e80d8d7deec0dc81ca5ccc98c5008c4a084a06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11268
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 4786 1 KB
2 KB 49ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c5a3e8f2a2171a0e7107419ed3f41eb104b90156baf648f549ede03cb57060

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaxJStPs%2BZeS%2BG4%2BxsAiL66nF%2FCd8T%2BoX12LHgL5Nyjpj3kSbaVGmFBlkw1A5a3%2BrbcA1M7LTPQCicmz9trAoHvWSjXUG4n38OWybmuL13vE3pjQw6o8JtAmunhLPg8xEkPl19o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78336162dbf1d574-CDG
x-backend-server: aa-reachservice-group-europe-west1-3b3l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 8B36 1 KB
2 KB 49ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570f4086000c0c2c648366f62e70a26a1d2052b7c5eb17f95e5f3d92305f29e

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Jan 2023 12:08:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uww63kBGNx46BRHx4C4jDAPb4jAFgt06HlQGery1u6GsGkLgZqBcRCR%2B17PD0qPi80aWLygfUpf3gZVRPlHoXz%2FHGAI7vIy6sq6wc%2FSYTti0hEpvImD6j32R8I9StJHedZGNNPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78336162cbebd574-CDG
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 76ms
47ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 783361628b9fd574-CDG
content-length: 24
content-type: text/plain
date: Mon, 02 Jan 2023 12:08:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvCXZOCgZBuAEJUT18Qn61wuSKE07U2GEzVcSPz9WdM82itpCSx7WnohfLDoy06V4HgWY4OYYNpHbxosDY08xUMhvqFX8pPPG72iTjsXuBi3CYLwqGRZvyJMmRfUp74K82NZa%2Bw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 69ms
43ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 783361628b9dd574-CDG
content-length: 24
content-type: text/plain
date: Mon, 02 Jan 2023 12:08:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUi81AvYnUc%2FB7wDtXj1kifBnntiAZSKuJkEKEYYGmm%2FAHwQ8OZlM7%2BXa5BMMxrPWrN2MKlbAB71FkmdTV3FE0taVCl8%2FD18F1QI%2FllOO%2BAmAonhWSH6ougANFBRsSQIl6zP4H0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1993 9 KB
4 KB 57ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df4160235fe4b6ca05c03296f1f5fe7540ff39118bfbd3737c23c7f689f4f589

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kmwh69ynhpbrd7h29bacswvmy78qe9ejnbnvb0cvzzc3vrwz29d47apnj29qbtm2kmzbnr5hhah5rjej372t2zjwgshyj9880gy4ckrwpxt9gem77xgzx2hj11ae21rvxa8hakg6xvcd4vpzr54ktsgjsj1h1f1dbcdmq9qvgb00h7fa4r361yt2hct7ppx6ra0h4cy49ndjxst2vd3ck1gms20s7qg0atxafgf5cr6yn99p3f75scr76x1k8jd0rgcf6xfbyz80mgtq3hx884yga6ck7gpfv8pjqbk7gv3rjmcwjkakqakennw6cjgxqk75n6py316f4t5e4px10m7xww65fr43fss9aapjavr0xqtcj65g44zza310v3309chcw9w80d58scdhmsebgc8cdaxssrhys82a1bgzfpkeftcsgbbxg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 783361632ee4d62e-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4C88 9 KB
4 KB 47ms
47ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76169912c78fdf280f79642ebc5a30dc4ca5fb4089db82089b2d329872a54777

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gd43vbsfa0rjm9ty8az96xf1ggdnxbh46etkrx4gagqzptaar0nt2cy1vnh2dt28w4smxcjx43dzwsdbs2p822mtvz132gj6p4j36j573vbg4dh81n8vyw1r59hc7q26zfgectythj2yr3ngvesfxdhmpffm0m0hegrmcyf01g791gyr61sh3zcxdzqt3bpvv1qm27pa33a3gad8vqthmbdj19cygcrhjdbph1dk54krq1zc7af8atfxqyz0rnmj59xd57t790r5dpscdzm14aetrmhk9frrzdehb9121hch6g8xkhtntmwwp497vakcrb2axa4qzqbks4jhsmvr6rcm8saqenrdz189hdcnjr5jcw7fep3nndacp6jg5kxkp85qn03gj01dprxf4kaxgfsqbpc24j7r2ek2ebk2hs82xcv0c5ch1g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 783361632ef2d62e-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 269ms
268ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:08:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 565D 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsset7mvCudUe50yiP22aP0RxyKDVUh9YdGZG8CcJEKVtwoGJxamRvy0ew-nMw1Re5nI3NiLvIhiwkB15AeFfF_4vFKPVOU9wkHrRxijC3UCZIYm0zyH6Cg9PFdX2Q30Qd_oXTyrWw&sai=AMfl-YQCQskwOm9_dwZOb-xNXdifQBoVACsIcD8nMaJJcYSdD4lfyFyZJxJ5QWd3OUEC-R3J6w1VoeqoDE2esmk&sig=Cg0ArKJSzANelltqcicdEAE&cid=CAQSGwDq26N9wmjfwgGBo1TblMvsENq8lN_00rUQYRgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672661307495&rpt=1441&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 4C88 89 KB
11 KB 42ms
41ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 516075
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FEZBpldTtpe4jLHqe8MTa0SAAscLdIJTW2RFgr9o6T369yphhRLjn2BJLt15qBYIjm%2BGJDIqni9A3byzzPpahvyMv84h339QH4inw4j6HeSZrWJNgG7504olSSibpzVSS7dHMnX0YU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 783361638f57d62e-CDG
expires: Mon, 02 Jan 2023 13:08:30 GMT

GET
H2 200 2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
assets.ad4m.at/logo/ Frame 4C88 49 KB
50 KB 45ms
34ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93651d2892a54000c4aff7a44b14b325ed2e1e0a88ea907b54e1f98fc6ca616f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1576326
cf-polished: origFmt=png, origSize=104051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50576
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Apr 2020 09:54:02 GMT
server: cloudflare
etag: "7a4502b01881c490069ab2174de5eabb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWgqi6EKwmkZW5Q1mmf6%2FBaqKc3agK1IqKXFF6aNMB4msCA2fYsuJhu4%2Fh%2FgoM2is9rwRyMnZaT6GEkHhPIbFuqqRvJNt586dGtCs4Gz78DeOxCrKfOzyjdLbAJF%2BMM12l9Dm4DcLCv9t74K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 783361639bf0f180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2 200 C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
assets.ad4m.at/product_image/ Frame 4C88 43 KB
44 KB 215ms
197ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1194460
cf-polished: qual=85, origFmt=jpeg, origSize=102472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 09:48:28 GMT
server: cloudflare
etag: "d308a34122a97b371964832dabfe9056"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE5QlL9%2B6pt7uHLyYPpH0AXENMCxYY8Ks5lrVysQq9DcBU88sEhTJliTDqHjto2wCIgRmtn4pqL4BMKB9QLmZ8y%2FRPpLdF0Z%2BpJGJDlshRDJS0Px48nHDxYOoxISMz6EmxmVJ7jROBQ1QXf8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc31f180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H/1.1 200
OK /
vcb.happ-e.fr/ Frame 4C88 43 B
2 KB 285ms
77ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcb.happ-e.fr/?t=P4B11756C8631B27&argsite=oneid8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJskoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.017689943313599
Connection: close
X-TRK-PROC: 45335
Pragma: no-cache
X-TRK-SRV: 6
Server: nginx
Last-Modified: Mon, 02 Jan 2023 12:08:30 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 4C88 14 KB
15 KB 216ms
198ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1362222
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOakjOPFfv7obvWY0pKy226EuM9VeCGoWP%2BeK9YdzcGNm4jp8Ynuld3M9WCr62JkyC5%2FXLtsoxT6cbLK7Ic9V9yvd9imgDM7%2Fu8TdXptR3JY%2BwZwqAgrILQY69OsqzETdcKx%2FUl20z3ZZWdu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc34f180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 4C88 274 KB
275 KB 176ms
168ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2355199
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tF2SLlGrHiDRYFRGATgBTuPAi%2Ff6WkU8SOnZyWGQScpeA0H1rjIvNe9q%2B%2B1LcISeirNqMZhp5f0e2YO0mAgIjEXWKhFNPpkqI5304jnoxiTNjZwPauGfXPUBP1OGrTDdaXANfn7ERLfFPuIo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc35f180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 4C88
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

180ms
61ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1121
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Mon, 02 Jan 2023 12:08:30 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0098459720611572
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 1
Server: nginx
Last-Modified: Mon, 02 Jan 2023 12:08:30 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame 4C88 7 KB
7 KB 208ms
200ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248683
cf-polished: origFmt=png, origSize=21356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7240
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 10:24:03 GMT
server: cloudflare
etag: "259405af3fc71c071b3fbf0cd0e617cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUFulUdvTgBzULfIlAARwY5fkfhleyuDc%2B9swEx%2FeGCDKlWCYmNBIA0KqTpjjfHDED4SA0IH%2BLVYiH4hH8NO8lnzAUOdc9%2BD9PtyRmy%2FJJS7UukiIpMqg9koM8ysRFDJvOqjFhRNKndIi5WP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc38f180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame 4C88 36 KB
37 KB 206ms
199ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1793024
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzaMXxp4%2Fi8TP5Lx1j9hzHg3rqU01u66r4qY%2BkXgsk1MFyHyxg%2FZJ0eAV5idON5KNi2tKn7%2FwlLXGJ3D%2FH00Wht1ScMFnlDE7negXhEvLgRmdwtJwxN84JI%2Bkd%2BJ%2BdZN2jk%2BNgvori%2FGBWbh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc39f180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4C88 43 B
705 B 282ms
79ms Image
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=2bbfeff039e90a0a8493a913a064a9a6%2F14409526271357370637&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309916&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geb3cgtka5j8s0qmy1tdt0vsa5zqd5253wjkk6mhbx0tma2k1eh9tfhd1fdv5ca67bkdrbcfrfw507hfhet23myg44pg612fb3vwjtcns4aszf9vnraf0jcrd7yp35sk7gam0cctat4d1h5x8m991jmsec3bs7vkt756a00nv7dbaahatcb007x8p172kk1wjap46bjd7cjrnkq70eg0hzmhntqrr7rq3eya4f75231zh87ek9rpz6jrcx2b7az5fg5gr66bs9h3jqqqzb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIgCbPMmyY46hHJG2YK2miYgL4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0PWoDjun1ZDmgMOGMB_zNWy8gTolqtiTh-AyXjLkSZvf3f8OEczKz8MLBtwbEchX8ttJA7GcPIpSLc8raA5rD3lrgPk9I0ha1BdnXFRvz89t4608WWBcDgPPxsTN5aFdwMWnw3XcXiMl23YfBzZ2rC4DCD4A5d1vEAYWG7Nd6f9czU_EF-6MG5tos-dL5aPkRDlQDHjVQBtrHzMYXb43TEOq-QV8_ReTnkgmAvT9qZ0gXX-uSvIcukEZx1Jw0LnA2-eABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2JmH_Rphw12zFEau9Z8hr6iohmew%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 12:08:30 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 1993 89 KB
11 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 516075
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYpb7YjtN2dCp4rZ8Fi3gLl2LT5Z9EQqPplvtno8K8hU2M0qaJ02RI235T%2Fnl3lJ%2BXmi2O%2Bz7mQjfMAQOIrwrs6Bws8HO%2FCou6uaHzNXJ9ARP%2FR9sq8BU92kUnh2zdYfQAijT7CGbd8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 78336163af89d62e-CDG
expires: Mon, 02 Jan 2023 13:08:30 GMT

GET
H2 200 2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
assets.ad4m.at/logo/ Frame 1993 49 KB
50 KB 186ms
185ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/2DA50BA4B30E68896D388657F0DD0AC1D219A23FD4846EB3858E4AF72DA355BD0FC39CAADD135A2255D673E979C674160ED856601426B42C40D9BCDC4D406CF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93651d2892a54000c4aff7a44b14b325ed2e1e0a88ea907b54e1f98fc6ca616f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1576326
cf-polished: origFmt=png, origSize=104051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50576
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Apr 2020 09:54:02 GMT
server: cloudflare
etag: "7a4502b01881c490069ab2174de5eabb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uslJhQB8rorXXLzTBuC%2ByPN1RNRVRyle1%2BI8FFQSoLo3aESd5M%2F17BxRz%2F6qY5pvL3vz4ZsSgtgRW6KtgkRcO%2F1B%2FmsMAsAjcVLWLOKyKvt3x79v48PuZrFmXjZAV5dSPwmNs2nhELqFycfA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163abfbf180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2 200 C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
assets.ad4m.at/product_image/ Frame 1993 43 KB
44 KB 204ms
199ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C583719AF39194B61EAFCAF6A06967B3D55BE263D778BD79B1132ABB2E8DA28AB35D210D1DEA343FEBFC9F8569F533294B9D166BCBA43A074CFD3690C41D188A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1194460
cf-polished: qual=85, origFmt=jpeg, origSize=102472
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44412
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 09:48:28 GMT
server: cloudflare
etag: "d308a34122a97b371964832dabfe9056"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2dM56l%2FkWI0gEJgG9wYrM69fJ6nE2JUiJnvuzKvAnbbsIcFcxZwLWL%2Fbr8KG1zsQ6vC%2BTW74GPrNPi6ZyQUO4gARexQ23cEvvfzo0WxseIFyjor0ChjwygvlIoNp4NxTxmm2mcX0WJZ6c43"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc3bf180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H/1.1 200
OK /
vcb.happ-e.fr/ Frame 1993 43 B
2 KB 249ms
54ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcb.happ-e.fr/?t=P4B11756C8631B27&argsite=oneid8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJskoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:08:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.011077880859375
Connection: close
X-TRK-PROC: 45335
Pragma: no-cache
X-TRK-SRV: 3
Server: nginx
Last-Modified: Mon, 02 Jan 2023 12:08:30 GMT
X-TRK-DECISION: 7
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 1993 14 KB
15 KB 204ms
199ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1362222
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAsY3uO9hdatFwXWCibmdAv%2FG6p%2BP91dOCEy90G9EPFprvmDqsMLXOrQmG6xpx0EZ3gH0BiOH2A%2BfKFWPDjui1c8ZyLNZyYiqdRLcFL7fimTPBquBJMxMZXblRrkVCExjkzdxvAS8sqRCm0T"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc3cf180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 1993 274 KB
275 KB 202ms
197ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2355199
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vjDIZEcGkZExODESPZtPOrHL7YoN3Hh%2BMFvc2oYXj2JfQOhYa%2FWuKR38gS1kqz9oP8%2F3hTjl1Zj9YftyOMNjhVf8YOcluxWKCBIm8y0q7DqANzODc9fc%2FWgFM5pqbkRId8gtRDSbzOEFive"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc3df180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 1993
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

143ms
23ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1121
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135736

Redirect headers

Date: Mon, 02 Jan 2023 12:08:30 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0060250759124756
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 5
Server: nginx
Last-Modified: Mon, 02 Jan 2023 12:08:30 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame 1993 7 KB
8 KB 203ms
198ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248683
cf-polished: origFmt=png, origSize=21356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7240
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 10:24:03 GMT
server: cloudflare
etag: "259405af3fc71c071b3fbf0cd0e617cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsTSblTC2zMzoamD4cJhrLLUzTdvotiP2fQARivi1OgUukz5EGvv5WV8pbLSpcrbTflW%2Bde0PuZ8AUNRewy1dUrZLXHLV%2FDGpwezUjZBtAhOz3qcdz4nZgIsESLnPI5xPfDUdEbIBdWWzv6A"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc3ef180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H2 200 4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame 1993 36 KB
37 KB 202ms
198ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1793024
cf-polished: qual=85, origFmt=jpeg, origSize=87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37370
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:48:14 GMT
server: cloudflare
etag: "9a6129b7ff41e62364178396f58341a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BypHsPJ5uut8R2BmZa7fI5UE0aqGnsnhppWc58Kdnw6GTw9faziyizrlCSAq%2FOW5dcuJZTDDTEDa6GPVUc0LmGXdHUjuE0qVve98Sjf1V7%2FiBxeZ6yBvE5Y0sLdYHjwslq%2BR9H63Xud3Cgzr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78336163cc3ff180-CDG
expires: Tue, 03 Jan 2023 12:08:30 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1993 43 B
705 B 290ms
90ms Image
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2993007&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23302%2C15737%2C311476&b=8MEcDfrptgEJhgHJHEtxtQDGfPTwT8JJsk%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ&f=ZkGTwfqrhKGDumHDHDtDCPArTVTXTx33tJ%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2C39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd&c=728&d=90&e=&g=e35912247d7ebeec61aea1dfcf418084%2F17439368701810032225&i=27349%2C2951%2C108136&j=15%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1672661309911&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqs2yhnv48sgjjge9nsw7stw7wgwg6xx945q7h2twd7hw224tehvxmn9vch9hbxy07wvvjh5cmhdy6pat10gz7e8vm6b98ykqx1wmmaffxsvjkz37k0sjw0t5azkm84xzs7ayjhxeqqd13kx8f5pf8gn41q9k2bd8jmymmayj8j27yz1ny8qd4vx8m14856bbh024acq91s321cyzh10mms6x3183jqsw36mj5ebtb2pegqk42ntqa2j5mze57ztyjtpb2j4dcag6xcchzg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpCyCPMmyY5DxHNWoYsyRnMgI4tKy9mHHsY6KjgjAjbcBEAEgAGD7AYIBF2NhLXB1Yi0yOTEwMzU3OTgyNjUwNzg2yAEJqQIqrM9I-fWxPqgDAaoEwwFP0H0pJ51x59jF-2O7M_JGbMxkroRvzeOb91TVIy2SOTSApqLNzddtNvnbip_phPVoiv3um4AkrE3JHcv31VN8DFKYuLvJvhljYZuTxX1aYQse275JJn8a7q2a3fw4G2LK1DabSgv-kqY_WivLwX1GVfXI6K7-qCSG82EIjdZc9VA1H6XeepHetxQE5zeyOghB8myjShtKNdSDEsogdtRP_LqewTIFTljqF7KXlbpCreuh_2vUr1iHnJVqEgSk6qVvDPWABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1wtGW4lJ9eNMr5ZzWTcJ-EIAW0MA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 12:08:30 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26EB 42 B
64 B 173ms
169ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6bF9Rr0cYLFEKQlYX_TlBEy94tQsBm1iCxYV6UrWsbT0SN2IupkRWHbhV2_QaATGevoOa2Mh4tbHHJKA8cPxN_yS5iSK1KHhH1kfrdfbWByh1IQqhc2WRha5fdyNIXRCwkyoVdQ&sai=AMfl-YRl9t7gwxLB-haP4GwrG_LlO1PilbsX9is4KjnZm35JarIrOQWX6mo-ZVMELJSlwbxZ06l-TDcc1L_jKiY&sig=Cg0ArKJSzOv2bktbS-VuEAE&cid=CAQSGwDq26N92cPJqmGXsKSK2jSMF-ZJl9PsJVlT1RgBIBM&id=lidar2&mcvt=1012&p=-70,0,430,180&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672661308534&rpt=433&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 775D 13 KB
5 KB 27ms
25ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 11:48:39 GMT
expires: Tue, 02 Jan 2024 11:48:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A473 783 B
534 B 177ms
67ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca33dcf4df52dce1fac17dee6b94b4a15a7a3d21e547669e43bb1ea22edca893

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LrC15X5exnOuQi4p0rmN0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LrC15X5exnOuQi4p0rmN0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 12:08:30 GMT
expires: Mon, 02 Jan 2023 12:08:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 775D 36 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 11:08:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 775D 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ioMTxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:08:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A473 0
0 60ms
59ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1298285130990957&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2672 42 B
64 B 67ms
65ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshZ1IUo7Jz-XPhVzBPa68ntwoGobh7hb240kDI4n81VeS7jzwHUyjJT4auwWuBg3a9NL0pIxXwKJPEb5A69iSb4d9aJsVxOvhp1-1oaQfjutduqJiegliP2nkqmbAEQ36uEbATwQ&sai=AMfl-YQcfIw30yDcBrrzn8ryTYupsJHTRd8ejXD_xR4JOyzJp-iw2ShLfxp8ofUDYILKgS5sW615YThxHha33co&sig=Cg0ArKJSzB5j53Q1mgINEAE&cid=CAQSGwDq26N92cPJqmGXsKSK2jSMF-ZJl9PsJVlT1RgBIBM&id=lidar2&mcvt=1001&p=-70,0,430,180&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672661308531&rpt=876&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 12:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1298285130990957&bg=!LC-lL2vNAAYgquz3AKo7ACkAdvg8WsAXer0fYEI4PXfpYghdTJ7c8t9RC_F2lJwEf2gGnjJ2t7NJAwIAAABiUgAAAANoAQcKAIbiWGtyYD0TPlBVJ46TgfEdsynDI_lPtT1eR1SwNG644LB1kUA9dpFxfE7pJCudFcMeWT17J5gx30OvAgEvDvVFXPxKL8zLMRZumvYe83ZbXPnv-TE6uh30GEo7hp_0VmhfVmbgKHy86Ppx5BhEmLbJ4Lf-83gfo_gEhtVebvaH6xxIatQvF5kC5z9zRZS56xU9P831S1rR8GYEd_8ZOtfxw3HiUw_2JgfJ19ijjTGxRiZ3WAA0V3kIVIsvaIxGvdRIhyC3nHuL0BzWwJW1gwypVmgpDp-YM4XK93t5_M835qM-ttc8CrImvXiv2Nn0Bg4xB5blS_MrfwHXCXIYeeWY9zen31BoMY73bz4gGUM-aQolw7_INg8KW8VF3N3QD8G_twI1FVxuiStMXfW4MwpS5ArPBP3pxj7_HtPlRakcghYXBRaay8fvHuFoac27qsoexaZIh5QPobLh8xSplq3hbK1p0hm44x-xKE14gfSdKpyxdovj0DHepwBrBpi4S3cxf8MdqA0b_VMaAyVMV9GhTOvoNsKjs4gx6Q65cUyZ0TK4m6ZhrI6JhCkq8fo2HwBUwOUa8B52rX11fFQkh8FqAU9jNA1AYBKgwzHomefc94_EPrBVpiMclZeEt-x-ntesewDoXjIfa-JibDFOSEfNvc11_lMnrzNp04LYD_8Oa4rVEtAWNY6MW26qkBqGBxq59dZV4NZI9gfMNZZaUGE8hJweupDBOTChoAG_II6jEooPTtxIJJGNCJU_UrY7Cj2F_VDvkI8K9SceJTnpe-uMdkYPChUeKhydyGcZ7TUGyPbSbmZRzm0jA2H2rZDKPaPltAR5zjiRqwrXXAD3ENSv4_5izHI-u85T-RW22UgQ4BWVSSbGBm3sk6sW3jrl2P4X_voQuRaiJgggj36BBG-FhMCp7IXDfssPe5UzLOD9woQtX1XCn6IKdk4T5jTmMJH0VuV_KAxiwfAtBYdaJv5CWJn2MVctcVd4TjTU-gVDzSQ_vzNLhphvbAXPD7o-4RskBYSuhgSqHGfJzhFCjgRUqXNbb1smQ5Q_8p0XzkqBuzNMlY-0-WkT20bV1o_0rmSSSywAdIYcZR1QIqqHt0RcEsZrNIgNzUFuiuUakht3g6rO0yUO5sslRJfcN62Qqt3VGWTneUjip6e1n0TSvDTK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ngembassy.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2d5c90090c446bdf123cd497708c1364
.ngembassy.info/	1970-01-20 18:13:41	Name: _ga_6HX21LM9FM Value: GS1.1.1672661307.1.0.1672661307.0.0.0
.ngembassy.info/	1970-01-20 18:13:41	Name: _ga Value: GA1.1.539259531.1672661307
.ngembassy.info/	1970-01-20 17:59:17	Name: __gads Value: ID=42fc0cab2656c68c-2284be20eeda002b:T=1672661307:RT=1672661307:S=ALNI_MZlc6iP0ioZDoNf0qjboGbghV4tgg
.ngembassy.info/	1970-01-20 17:59:17	Name: __gpi Value: UID=00000b9c122af654:T=1672661307:RT=1672661307:S=ALNI_MYotKkS44Sk8sgf97qsTZvTffd1MQ
.doubleclick.net/	1970-01-20 17:59:17	Name: IDE Value: AHWqTUl0bVhpBlxbBQpZpqayOkpE4MF15P6_haj2_SE-y4Z6MT9XfyJQSB6qCmqc3Xs
.ctnsnet.com/	1970-01-20 17:23:17	Name: gid_CAESEGHtUjz52MJBBHWi6wUF5ak Value: 1
.simpli.fi/	1970-01-20 17:24:43	Name: suid Value: FF1D4B78C35B431F9CF1FECE2162B14F
.adform.net/	1970-01-20 09:22:19	Name: C Value: 1
.360yield.com/	1970-01-20 10:47:17	Name: tuuid Value: 2ebfc1ca-12b3-49a2-ad1a-0754a19e523f
.360yield.com/	1970-01-20 10:47:17	Name: tuuid_lu Value: 1672661309
.bidswitch.net/	1970-01-20 17:23:17	Name: tuuid Value: 7cb3f185-6992-41f4-93ad-b028b0b63406
.bidswitch.net/	1970-01-20 17:23:17	Name: c Value: 1672661309
.bidswitch.net/	1970-01-20 17:23:17	Name: tuuid_lu Value: 1672661309
.yahoo.com/	1970-01-20 17:23:38	Name: A3 Value: d=AQABBD3JsmMCEERHsowv6If3fyDVyZm31s8FEgEBAQEatGO8YwAAAAAA_eMAAA&S=AQAAAr4VrJ4CCFZU7eysO9LibUE
.doubleclick.net/	1970-01-20 08:37:44	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 10:04:05	Name: uid Value: 57086919933864665
.ctnsnet.com/	1970-01-20 17:23:17	Name: gid_CAESELBGj2hwcaRQGMU5ejgXcL4 Value: 1
.ctnsnet.com/	1970-01-20 17:23:17	Name: cid Value: a40117fc0a1a4203b70652b612e938e7
.bidswitch.net/	1970-01-20 08:37:41	Name: google_push Value: AavPq0PNuQDgaTzgITKpMpE4N4FlfOotKsces1t3tWCwNNcUf0BzkdXU-Iq09wnEs_yhCczLNP1naOWmkCmckd2_9ok4J9EabmzYjWcW
.3lift.com/	1970-01-20 10:47:17	Name: tluid Value: 1659469726558896374747
.turn.com/	1970-01-20 12:56:53	Name: uid Value: 7736061532762002334
.mathtag.com/	1970-01-20 18:03:36	Name: uuid Value: 0d3963b2-c93e-4b00-9c50-fb57444a7927
.mathtag.com/	1970-01-20 09:20:53	Name: mt_mop Value: 4:1672661310
.metaffiliation.com/	1970-01-20 10:04:05	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.happ-e.fr/	1970-01-20 10:04:05	Name: kwknc_ssc Value: dp4b11756c8631b27-b25laWQ4TUVjRGZycHRnRUpoZ0hKSEV0eHRRREdmUFR3VDhKSnNrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.happ-e.fr/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4b11756c8631b27-b25laWQ4TUVjRGZycHRnRUpoZ0hKSEV0eHRRREdmUFR3VDhKSnNrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1970-01-20 10:04:05	Name: neta_ssc Value: af62f410jou5zuy1729ny0xmbyop
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: af62f410jou5zuy1729ny0xmbyop
.happ-e.fr/	1970-01-20 10:04:05	Name: neta_ssc Value: a964f410jou6iu8hennkjejpdwms
.happ-e.fr/	1969-12-31 23:59:59	Name: netases_ssc Value: a964f410jou6iu8hennkjejpdwms
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 423187:2993007
.awin1.com/	1970-01-20 08:40:34	Name: awpv25911 Value: 412871\|1672661310\|2bcb61b0-8a96-11ed-af39-22634e1a9496

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.fr
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ckeditor.com
cm.g.doubleclick.net
d5p.de17a.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
img.metaffiliation.com
match.360yield.com
ngembassy.info
ngembassy.org
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
region1.google-analytics.com
static-de.ad4mat.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
vcb.happ-e.fr
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.72.77.63
18.193.21.241
185.29.132.241
192.229.220.129
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.234.175.175
213.155.156.184
216.58.212.130
23.67.134.223
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2008
2a00:1450:400d:803::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80e::2002
2a05:d018:d29:3605:db2f:b9cd:e64:dd58
3.65.71.95
35.186.193.173
35.204.74.118
37.157.2.237
76.223.111.18
95.131.136.1
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306
022f78a2d80398a831f7ca53c5245038f05fbff1ffa80fc720f519697c19a9ed
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9f619a2a97df50605579cb27343705a784b45a1a8ad233fef40d2d9260c68e
14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc
15c09ec30728b8fa9b6321db4cbc61f1c3cfba1e9aaa44f3a59acf58ffbebc92
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1aa3bce314cdc673026cb35a4013f52c86f72d5d97e1a26bfd631b3ba8585e1d
1ce99f1c5aff38136ab2a13aa771fd17dddb63a08ba4c539d1396dab48ff7610
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
34e0ca290142ead6b9b275a9900a8b36e3ede203de952693244231b8466c2902
3570f4086000c0c2c648366f62e70a26a1d2052b7c5eb17f95e5f3d92305f29e
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31
48c5a3e8f2a2171a0e7107419ed3f41eb104b90156baf648f549ede03cb57060
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e2fff1c0e5a1b8abe42cc6e0e80d8d7deec0dc81ca5ccc98c5008c4a084a06e
4fc73d1cf44e613b16924c0035674bea6de8ba033f87f62ff5ce4c5015226ef9
529ac172d95cd5567e61bd5d3b91c26f2883718748065cd6e249c5e5345547f3
53bcc9be8ada3b69949f6de313721f56a91ddab2c35d6dd43ed94fae1f244c69
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e
566801ffec305cad8fff811d1f8bdeda134444f3a9f7a6376a614f61eed07b39
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9
69af47ae4c1d90831351b53f445bdf076b8991e2e4d543c8edd96d42957d41f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
76169912c78fdf280f79642ebc5a30dc4ca5fb4089db82089b2d329872a54777
7b54f6cb328bdc60c04040684ddd7ab4061b5445bf1ccbb568dbaefd1301d5e2
7c9f4fd72e7f700a29c813e03b8bd94d77385cb2ce3d22e8c64a0ed6351e34be
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8839b2d0b14eb193540520bebc9e3c49df90f7f54e5c7f81a13282de5ec1f792
889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad
89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d
8def2ad5ac1038000a229b890d2784be122bde5b1c166b8d3fccb254130eb3fd
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
93651d2892a54000c4aff7a44b14b325ed2e1e0a88ea907b54e1f98fc6ca616f
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e
a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a
a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
aefd4b3b4358c174a20f53199c621e2cfd404d469743ca5a0c89c683e399b878
b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc567bde2ce90dd90e0d3b0bd59021c45a440a12842354e0e026e4069352265b
be37a65b7f457ef2d69f7fc5ebd47cf37d0f866631ec9d1f8f06dd59d7c5ecb2
c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5118f5fe0ddbf3888d461e29d30d11f6b01b32ef178381d2259dd4bbdd88ebc
c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5
c82e93240c53a5e1321e432f811a8a09216ca539df9c9b014441d1f164a322df
ca33dcf4df52dce1fac17dee6b94b4a15a7a3d21e547669e43bb1ea22edca893
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d36c42df2c748000ad8a56af34613b73b990b10d5ccad089c546425d538da711
d7a458f9dba6e6f680921f3726eb9395838420308938cfda17746743c2e64445
dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52
df4160235fe4b6ca05c03296f1f5fe7540ff39118bfbd3737c23c7f689f4f589
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c8bbc2a88eb0c809d16568191c128afbd24a9c55958cb1cd137979d8b55dfe
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
ecc5f4080b59632e4316a2e54f935db26e55ed61b6f73b2fc4e9f2a127a5477e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b99fb975f3655304e39254689196e244b82875905561845fa8aa7fbd9e9ca2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

ngembassy.info Open in urlscan Pro 103.72.77.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

92 %HTTPS

58 %IPv6

28 Domains

36 Subdomains

26 IPs

8 Countries

2822 kBTransfer

6499 kBSize

34 Cookies

1 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

92 %
HTTPS

58 %
IPv6

28
Domains

36
Subdomains

26
IPs

8
Countries

2822 kB
Transfer

6499 kB
Size

34
Cookies

183 HTTP transactions
6 data transactions