teamsansnom.free.fr Open in urlscan Pro
212.27.63.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://teamsansnom.free.fr/
Submission: On January 09 via api (January 9th 2023, 12:10:02 pm UTC) from US — Scanned from US

Summary HTTP 70 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 9 domains to perform 70 HTTP transactions. The main IP is 212.27.63.114, located in Rouen, France and belongs to PROXAD, FR. The main domain is teamsansnom.free.fr.

This is the only time teamsansnom.free.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	212.27.63.114 212.27.63.114	12322 (PROXAD) (PROXAD)
13	212.27.63.220 212.27.63.220	12322 (PROXAD) (PROXAD)
2	212.27.48.10 212.27.48.10	12322 (PROXAD) (PROXAD)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
2	216.151.214.138 216.151.214.138	13768 (COGECO-PEER1) (COGECO-PEER1)
2	44.195.196.224 44.195.196.224	14618 (AMAZON-AES) (AMAZON-AES)
1	69.164.46.136 69.164.46.136	22822 (LLNW) (LLNW)
2 2	207.198.113.86 207.198.113.86	13768 (COGECO-PEER1) (COGECO-PEER1)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	52.222.174.6 52.222.174.6	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b03:86ba:be07:b0f:dc5c	16509 (AMAZON-02) (AMAZON-02)
2	44.196.2.94 44.196.2.94	14618 (AMAZON-AES) (AMAZON-AES)
70	19

1 212.27.63.114 (Rouen, France)

ASN12322 (PROXAD, FR)
PTR: perso114-g5.free.fr

teamsansnom.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 212.27.63.220 (Rouen, France)

ASN12322 (PROXAD, FR)
PTR: hperso-1.free.fr

pageperso.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.27.48.10 (Rouen, France)

ASN12322 (PROXAD, FR)
PTR: www.free.fr

passback.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:808::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:806::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80a::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:821::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2004 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.151.214.138 (San Antonio, United States)

ASN13768 (COGECO-PEER1, CA)

node-p2e-jfigx1.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.195.196.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-196-224.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.164.46.136 (New York, United States)

ASN22822 (LLNW, US)
PTR: https-69-164-46-136.jfk.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.86 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.174.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-6.cdg50.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b03:86ba:be07:b0f:dc5c (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.196.2.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-2-94.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com 10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	145 KB
16	free.fr teamsansnom.free.fr pageperso.free.fr — Cisco Umbrella Rank: 516572 passback.free.fr — Cisco Umbrella Rank: 709333	34 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	281 KB
6	adrta.com q.adrta.com — Cisco Umbrella Rank: 3647 pix.adrta.com — Cisco Umbrella Rank: 4638 ipv6.adrta.com — Cisco Umbrella Rank: 3931 adrta.com — Cisco Umbrella Rank: 2058	13 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 330	109 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	3 KB
4	sitescout.com 2 redirects node-p2e-jfigx1.sitescout.com — Cisco Umbrella Rank: 406018 pixel-sync.sitescout.com — Cisco Umbrella Rank: 963	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	102 KB
1	basis.net cdn01.basis.net — Cisco Umbrella Rank: 9085	104 KB
70	9

	Domain	Requested by
13	pageperso.free.fr	teamsansnom.free.fr pageperso.free.fr
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net passback.free.fr tpc.googlesyndication.com 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net passback.free.fr teamsansnom.free.fr
5	cdn.ampproject.org	securepubads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com
3	www.googletagservices.com	passback.free.fr 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
2	adrta.com	pix.adrta.com
2	pixel-sync.sitescout.com	2 redirects
2	q.adrta.com	16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com q.adrta.com
2	node-p2e-jfigx1.sitescout.com	teamsansnom.free.fr 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
2	16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	passback.free.fr	teamsansnom.free.fr
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	googleads.g.doubleclick.net	passback.free.fr
1	cm.g.doubleclick.net	16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
1	cdn01.basis.net	16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
1	10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	teamsansnom.free.fr
70	21

This site contains links to these domains. Also see Links.

Domain
www.free.fr
portail.free.fr
subscribe.free.fr
imp.free.fr
pagesperso.free.fr
dl.free.fr

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adrta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-07-20`	10 months	crt.sh
cdn01.basis.net GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-05-26` - `2023-06-14`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://teamsansnom.free.fr/
Frame ID: 65C5E8DBD7A29AD215FAE6B083886A63
Requests: 14 HTTP requests in this frame

Frame: http://passback.free.fr/pub/pp_300x250.html
Frame ID: CC7703C05CCD6F6D6C5177516CA8D807
Requests: 8 HTTP requests in this frame

Frame: http://passback.free.fr/pub/pp_120x600.html
Frame ID: ADF477272729E9B5A1426001691D0B5E
Requests: 8 HTTP requests in this frame

Frame: https://10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 84DEFFBC5EFFC91185D232596A97DE51
Requests: 1 HTTP requests in this frame

Frame: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DADBDA96CE4F2330E5AF49B3E4F3B786
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: A34A6463AFBD113EED8C929D7494DECA
Requests: 12 HTTP requests in this frame

Frame: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5939314237DE101619F14EA4A9515745
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25BE54D149310C2C6E9419653427CF27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 895D3164AEDBA412CFB872F4BDCB70B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F21B3152BA7B44E3F1B4B4550525C0CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 979DBE0CEA90D821A8B6A0A7934510E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Pages Personnelles: Erreur 403 - Refus de traitement de la requête (Interdit - Forbidden)

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

70
Requests

74 %
HTTPS

47 %
IPv6

9
Domains

21
Subdomains

19
IPs

2
Countries

792 kB
Transfer

1966 kB
Size

10
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: http://www.free.fr/adsl/index.html
Title: Free

Search URL Search Domain Scan URL

URL: http://portail.free.fr/
Title: Portail

Search URL Search Domain Scan URL

URL: http://subscribe.free.fr/free50h/
Title: Bas débit

Search URL Search Domain Scan URL

URL: http://imp.free.fr/
Title: Webmail

Search URL Search Domain Scan URL

URL: http://subscribe.free.fr/login/
Title: Mon Compte

Search URL Search Domain Scan URL

URL: http://pagesperso.free.fr/
Title: Pages Perso

Search URL Search Domain Scan URL

URL: http://dl.free.fr/
Title: Envois de gros fichiers

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/internet.html
Title: Internet

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/telephone.html
Title: Téléphone

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/television.html
Title: Télévision

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/boutique.html
Title: Boutique

Search URL Search Domain Scan URL

URL: http://www.free.fr/assistance
Title: Assistance

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/accueil/plus-de-20-exclusivites.html
Title: Plus de 20 exclusivités

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/accueil/presentation-freebox-hd.html
Title: Présentation de la Freebox HD

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/accueil/carte-de-degroupage.html
Title: Carte de dégroupage

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/internet/connexion.html
Title: Connexion

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/internet/votre-web.html
Title: Votre web

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/tarifs-telephonie.html
Title: Les tarifs de la téléphonie

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie.html
Title: Services de téléphonie

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/annuaire.html
Title: Annuaire téléphonique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/la-messagerie-vocale.html
Title: La messagerie vocale

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/les-services-lies-aux-appels-entrants.html
Title: Les services liés aux appels entrants

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/les-services-lies-aux-appels-sortants.html
Title: Les services liés aux appels sortants

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/les-autres-services-inclus.html
Title: Les autres services inclus

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse.html
Title: Ligne téléphonique incluse

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse/sans-abonnement-telephonique.html
Title: Sans abonnement téléphonique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse/portabilite-du-numero-geographique.html
Title: Portabilité du numéro géographique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse/migrer-vers-le-degroupage-total.html
Title: Migrer vers le dégroupage total

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television.html
Title: Services de télévision

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television/acces-a-plus-250-chaines.html
Title: Accès à + de 250 chaines

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television/magnetoscope-numerique.html
Title: Magnétoscope numérique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television/services-inclus.html
Title: Services inclus

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-vod.html
Title: Services de VOD

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-vod/free-home-video.html
Title: Free Home Video

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-vod/autres-services-de-vod.html
Title: Les autres services VOD

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/tv-perso.html
Title: TV Perso

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/telesites.html
Title: Télésites

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pdf/fiche-information-standardisee.pdf
Title: Fiche d'information standardisée

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pdf/CGV_Freebox_20080601.pdf
Title: Conditions Générales de Vente

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pdf/brochure_tarifaire_01062008.pdf
Title: Brochure tarifaire

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/signaler-un-contenu.html
Title: Signaler un contenu illicite

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/protection-de-l-enfance.html
Title: Protection de l'enfance

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/free-la-societe.html
Title: Free, la société

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/free-recrute.html
Title: Free recrute

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/nous-contacter.html
Title: Nous contacter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=am_-yghgRsqMteD92Es_x2O8BBc

Request Chain 54

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden Primary Request / Show response
teamsansnom.free.fr/ 12 KB
12 KB 537ms
153ms Document
text/html 212.27.63.114
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://teamsansnom.free.fr/
Protocol: HTTP/1.1
Server: 212.27.63.114 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: perso114-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 6266362dee1097d618b940dd9b42c17dcdf7ca7f9865f1c05c95dae5d2b032f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 09 Jan 2023 12:09:56 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]

GET
H/1.1 200
OK free.css
pageperso.free.fr/im/css/ 6 KB
6 KB 622ms
122ms Stylesheet
text/css 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://pageperso.free.fr/im/css/free.css
Requested by: Host: teamsansnom.free.fr
URL: http://teamsansnom.free.fr/
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 72ecae8cfd1e77e78b59072abebc9c1f38ef5205c874307342694ed8be26fa91

Request headers

accept-language: en-US,en;q=0.9
Referer: http://teamsansnom.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:20 GMT
Last-Modified: Mon, 08 Sep 2008 14:50:57 GMT
Server: lighttpd/1.4.28
ETag: "14177254"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 6133

GET
H/1.1 200
OK pp_300x250.html Show response
passback.free.fr/pub/ Frame CC77 3 KB
1 KB 573ms
310ms Document
text/html 212.27.48.10
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://passback.free.fr/pub/pp_300x250.html
Requested by: Host: teamsansnom.free.fr
URL: http://teamsansnom.free.fr/
Protocol: HTTP/1.1
Server: 212.27.48.10 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: www.free.fr
Software: nginx/1.14.2 /
Resource Hash: 1ec8747e218048f0509f9ab925a516cc44385b804d1d27f63e3f8139aa3eb4fe

Request headers

Referer: http://teamsansnom.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 09 Jan 2023 12:09:57 GMT
ETag: W/"59de3155-cea"
Last-Modified: Wed, 11 Oct 2017 14:57:25 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked

GET
H/1.1 200
OK pp_120x600.html Show response
passback.free.fr/pub/ Frame ADF4 3 KB
1 KB 573ms
311ms Document
text/html 212.27.48.10
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://passback.free.fr/pub/pp_120x600.html
Requested by: Host: teamsansnom.free.fr
URL: http://teamsansnom.free.fr/
Protocol: HTTP/1.1
Server: 212.27.48.10 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: www.free.fr
Software: nginx/1.14.2 /
Resource Hash: e9edf15f42b6de85435769aa7410dc4ad6efffbcb67db5016d0c475862f16fcd

Request headers

Referer: http://teamsansnom.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 09 Jan 2023 12:09:57 GMT
ETag: W/"59de3177-ce8"
Last-Modified: Wed, 11 Oct 2017 14:57:59 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CC77 81 KB
27 KB 162ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38146167f1c2c04b1f67422121b35ff41c69370693fa44dbcc447604b3b9ec8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27688
x-xss-protection: 0
server: sffe
etag: "1446 / 115 of 1000 / last-modified: 1673264108"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 09 Jan 2023 12:09:58 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ADF4 81 KB
28 KB 143ms
54ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e2f2781e1903a59abad64678f31db19628d77f6c3eecd13fb68c07b8a9e92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27598
x-xss-protection: 0
server: sffe
etag: "1446 / 272 of 1000 / last-modified: 1673264108"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 09 Jan 2023 12:09:58 GMT

GET
H/1.1 200
OK bg.png
pageperso.free.fr/im/free2008/ 306 B
540 B 121ms
121ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/bg.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: e02b42843aedd3c11ad49fe161d24ca711eb88b02bbd5582321759862b8406bf

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "1482624382"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 306

GET
H/1.1 200
OK logo.png
pageperso.free.fr/im/free2008/ 4 KB
4 KB 484ms
120ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/logo.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 83b3b4104d64db388da6f4a07ab0a1b49ca4dd69b3f83e29f005c3237448b117

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:22 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "1205849292"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3930

GET
H/1.1 200
OK accueil.png
pageperso.free.fr/im/free2008/ 753 B
987 B 486ms
121ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/accueil.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 1c0a4c95a402353a78175b8672d35bd4d9cffcedc2e6739d9c8441c623d04dc7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:22 GMT
Last-Modified: Tue, 03 Jun 2008 17:20:32 GMT
Server: lighttpd/1.4.28
ETag: "3260016017"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H/1.1 200
OK internet_active.png
pageperso.free.fr/im/free2008/ 1 KB
1 KB 485ms
120ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/internet_active.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 852ef53f85798703dcb67f2c75fdb1b6ec1faaebcdc75ba09b7a697219438e90

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:22 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:13 GMT
Server: lighttpd/1.4.28
ETag: "565180604"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1294

GET
H/1.1 200
OK telephone.png
pageperso.free.fr/im/free2008/ 914 B
1 KB 487ms
122ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/telephone.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: f47ffd80f76614ac170fecef17a153f992e5ed85091d98a47c16b61fae3e2ff9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:22 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:13 GMT
Server: lighttpd/1.4.28
ETag: "2370582924"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 914

GET
H/1.1 200
OK television.png
pageperso.free.fr/im/free2008/ 925 B
1 KB 486ms
121ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/television.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 8572ae3b234174c68c9efc17a0490d1028fe6698ce998dcc3a001a1d69583beb

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:22 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:14 GMT
Server: lighttpd/1.4.28
ETag: "3184490891"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 925

GET
H/1.1 200
OK boutique.png
pageperso.free.fr/im/free2008/ 804 B
1 KB 235ms
122ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/boutique.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: f02b68452d6d52d6636dad5e49fdf61f82188030f1964429a35bcb6554b4ae8d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:12 GMT
Server: lighttpd/1.4.28
ETag: "2639227279"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 804

GET
H/1.1 200
OK assistance.png
pageperso.free.fr/im/free2008/ 898 B
1 KB 233ms
120ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/assistance.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 973ad4a473e86e40b39ff83443d0b9fbac7e847248906db91456c80b9781ae27

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:11 GMT
Server: lighttpd/1.4.28
ETag: "189749644"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 898

GET
H/1.1 200
OK sub-menu-background.png
pageperso.free.fr/im/free2008/ 84 B
317 B 233ms
121ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/sub-menu-background.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 7c365b3aaa063df2c5f9fb2c3730e64cb4a4630f124c9e0cdc5741725a21cf60

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Wed, 11 Jun 2008 14:41:06 GMT
Server: lighttpd/1.4.28
ETag: "1747750960"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 84

GET
H/1.1 200
OK textbox-background.png
pageperso.free.fr/im/free2008/ 126 B
360 B 352ms
121ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/textbox-background.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 54e37513da06f78172637fb11030de53d01b815e3be37e41566285b5e0f74057

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Mon, 19 May 2008 08:55:58 GMT
Server: lighttpd/1.4.28
ETag: "2019549527"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 126

GET
H/1.1 200
OK bg-bottom.png
pageperso.free.fr/im/free2008/ 226 B
460 B 234ms
122ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/bg-bottom.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 34ad0a4de1c78a4fab7363d481943e06047c413f4cec790af0a04a1ffda0237c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "2019493244"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 226

GET
H/1.1 200
OK separator.png
pageperso.free.fr/im/free2008/ 88 B
321 B 234ms
121ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/separator.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Rouen, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 10bcb31b67ea338f3bf0b077883eb436ceee5fa58d3c18c056e35387abb28e75

Request headers

accept-language: en-US,en;q=0.9
Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 12:00:21 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "3996803251"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 88

GET
H2 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ADF4 382 KB
130 KB 147ms
39ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 23:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jan 2024 23:19:28 GMT

GET
H2 200 pubads_impl_2023010404.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CC77 382 KB
129 KB 247ms
151ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745add649a6389b3c4601c42eed00845b5b4ea8448196481ecd801d330fc5dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132321
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Jan 2024 21:07:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame ADF4 107 B
549 B 144ms
56ms Script
application/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=passback.free.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ADF4 48 KB
12 KB 348ms
347ms XHR
text/plain 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3676035950984484&correlator=3286700123756800&eid=31071457&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=22336046%2C03_lowcost_pagesperso_web%2Crg_sky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600&ifi=1&adks=837864984&sfv=1-0-40&prev_scp=pos%3Ddroite-sky%26ad_group%3Dad_opt&eri=1&cust_params=env%3Dprod&sc=0&cookie_enabled=1&cdm=passback.free.fr&abxe=1&dt=1673266198460&lmt=1507733879&dlt=1673266197921&idt=498&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=120&ish=600&scr_x=-12245933&scr_y=-12245933&ucis=eh5g5uhbq2br&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=http%3A%2F%2Fpassback.free.fr%2Fpub%2Fpp_120x600.html&ref=http%3A%2F%2Fteamsansnom.free.fr%2F&top=http%3A%2F%2Fteamsansnom.free.fr%2F&frm=24&vis=1&psz=120x600&msz=120x0&fws=256&ohw=0&ea=0&ga_vid=1740803989.1673266198&ga_sid=1673266198&ga_hid=1666763171&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

931ad1665793c77a684c14017d8d81903ebd0898e45753f3f1f20857c3ab09a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11352
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://passback.free.fr
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84DE 6 KB
3 KB 161ms
54ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:09:58 GMT
expires: Tue, 09 Jan 2024 12:09:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CC77 107 B
165 B 94ms
71ms Script
application/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=passback.free.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CC77 25 KB
10 KB 335ms
334ms XHR
text/plain 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=394526108883519&correlator=2397766521983755&eid=31071349%2C31071458&output=ldjh&gdfp_req=1&vrg=2023010404&ptt=17&impl=fifs&iu_parts=22336046%2C03_lowcost_pagesperso_web%2Crg_droite-ga-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2165746347&sfv=1-0-40&prev_scp=pos%3Ddroite-ga-1%26ad_group%3Dad_opt&eri=1&cust_params=env%3Dprod&sc=0&cookie_enabled=1&cdm=passback.free.fr&abxe=1&dt=1673266198524&lmt=1507733845&dlt=1673266197898&idt=594&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=c457uj9kxncb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=http%3A%2F%2Fpassback.free.fr%2Fpub%2Fpp_300x250.html&ref=http%3A%2F%2Fteamsansnom.free.fr%2F&top=http%3A%2F%2Fteamsansnom.free.fr%2F&frm=24&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2076954538.1673266199&ga_sid=1673266199&ga_hid=117338730&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a36386843d7a66789ec4f6cc89db508bb320b2e526735d6ce4617433e8464630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10139
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://passback.free.fr
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DADB 6 KB
3 KB 150ms
53ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:09:58 GMT
expires: Tue, 09 Jan 2024 12:09:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ADF4 14 KB
11 KB 156ms
60ms XHR
application/json 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c299b8ab5dd3cdac493a5808d0ba79981a65a34a262ce37c095c51a0bc2ce07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11138
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CC77 14 KB
11 KB 109ms
67ms XHR
application/json 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010404&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

099143639d15744a90eab4a580c2100a5df4124dd1b8c9d01bff8111e91e3c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ADF4 17 KB
7 KB 186ms
98ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 12:09:58 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame A34A 221 KB
61 KB 151ms
39ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:07:43 GMT
age: 385335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:07:43 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A34A 14 KB
5 KB 218ms
107ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:07:43 GMT
age: 385335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:07:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A34A 94 KB
28 KB 224ms
114ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:07:43 GMT
age: 385335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:07:43 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A34A 5 KB
2 KB 240ms
130ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:07:43 GMT
age: 385335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:07:43 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A34A 40 KB
13 KB 241ms
131ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 01:07:43 GMT
age: 385335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 01:07:43 GMT

GET
DATA 200
OK truncated
/ Frame A34A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fd77afdc832411aa1c41237af0b8d9b43b66692d883ea60b18eac59297cf2a9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10688568221388929974
tpc.googlesyndication.com/daca_images/simgad/ Frame A34A 41 KB
41 KB 98ms
42ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10688568221388929974

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e3fd3869233958df56fde6c02e0209f720d9b2ad1291c80039430070fc05869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 10:46:29 GMT
x-content-type-options: nosniff
age: 177809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41497
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 02:56:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 10:46:29 GMT

GET
H2 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A34A 3 KB
3 KB 143ms
87ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 05:36:09 GMT
x-content-type-options: nosniff
server: cafe
age: 23629
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Tue, 10 Jan 2023 05:36:09 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A34A 295 B
756 B 95ms
40ms Image
image/png 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:08:47 GMT
x-content-type-options: nosniff
server: cafe
age: 7271
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Jan 2023 10:08:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A34A 0
0 74ms
73ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQzbWFgS8Y7ioINacoPwPzviaKOCI-61us-mr9_IQk4Ghst43EAEgyZXZVWDJtqOI8KPsEqABgaGkuSjIAQLgAgCoAwHIAwiqBPYBT9DGn2iZ7H7pFuUoFumajvO-qeqfTJDdSXySmiLCeph1XqHqSc2LhS4aRlpLaP653uDUHP5vuIhZAgJJ34LBKG_5emCNc54TTBD71OFQbowj2fkn9X3yMFai4ezCwu7a-k5T9MNxvIwyAL8M-bHY1FILkuyGFif5r2QuTlBHboSo4rCFEy_AFh5ohiXlWHHpnvpQrpTLPsmdqnpVNcS7Z3ea2k1tMdIBsKNlBg51k70Hjil_cLyIv83jYpvei3NP30DguYM2roV190D0wkGWum6UMzPpj05HXTkCySyHtXEAuaKZPiRfHeAXeqx2Z78wrNoPSSqvwASowt3JpQTgBAGSBQQIBBgBkgUECAUYBKAGAoAHgdn0mAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDnqAPSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTQwNzYwMjA4ODgxNTI5MhiWhhg&sigh=ixvMp_PW9oE&uach_m=[UACH]&cid=CAQSTADq26N9vTHwsbkHNCCealByn40_ErbHmpDr31w0Plz__yZUfz7DRtJtCb30rZ5LHiSuKoq1S2Lc4X7DLHMoZAFKDZXXaor1t1QwOloYASAT
Requested by: Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CC77 17 KB
6 KB 157ms
105ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 12:09:58 GMT

GET
H3 200 container.html Show response
16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5939 6 KB
3 KB 122ms
41ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010404.js?cb=31071458

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:09:58 GMT
expires: Tue, 09 Jan 2024 12:09:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 25BE 13 KB
5 KB 133ms
45ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 247288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 15:28:31 GMT
expires: Sat, 06 Jan 2024 15:28:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 895D 783 B
1 KB 148ms
59ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74c8a416c8cf90a1c3d6c2e47758739a66bb623c796348859199ee000b6b7d18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pajkk79tC59Ey_1yAbz9LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Pajkk79tC59Ey_1yAbz9LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:09:59 GMT
expires: Mon, 09 Jan 2023 12:09:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5939 0
0 69ms
69ms Fetch
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKkgbFgS8Y6OoJKqeoPwPsKi7gAiFmLKwbOuE_rCnEMCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTE0MDc2MDIwODg4MTUyOTLIAQngAgCoAwGqBIcCT9CRTasGACpt8eMi5oIcwhEezDJpxrI2Wn1u0evkXQTWok-5oKHt6K_8OFwD20uaeMdNnCxu376H34bnpuQHA7HYGD2FwGuB6RVsM6zzujXuNOc1gpN6lirfKKjgMNffGumPjQ271xxFjmcZYURybW207etNX9nPBeoWUXAscRq8JVrHXabtGEUyNkJsG-70A8LUcOYFe55oRuDcaET_tCwYGCez1T-mbmNaVqGqDSlpNVFNRMsJkGhV3f5AUUPpcmDkZt0_6Sg2s7TpHnxO3VeKIGmaHL64vS2v4wDIi18JZls8OSsqlEBo-fAJSrIVZ44mBWBiUBnuA-5wu_FQnbLzY5ri62zgBAGABqKBppSEzb21jwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xNDA3NjAyMDg4ODE1MjkyGJaGGA&sigh=OtFDL4S5_NU&uach_m=[UACH]&cid=CAQSSwDq26N9wsqA5U3iEJGDJoKcuorK0W7MYEohWLFjbKsH4BrnE4-8XpWEd98saBiDyj6In_-RtNUlzjGa7iwmAqMTCOq54X4i0T-shRgBIBM
Requested by: Host: teamsansnom.free.fr
URL: http://teamsansnom.free.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200 aid:63bc041604585d17067a0008;cid:2368511;arid:113251;c:Y7wEFgAJFCMJiA8qAA7UMPmptp5HqZnBSaMevA;bexp:1800;uih:09dcdf33
node-p2e-jfigx1.sitescout.com/adx/win/ Frame 5939 0
0 194ms
46ms Fetch 216.151.214.138
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://node-p2e-jfigx1.sitescout.com/adx/win/aid:63bc041604585d17067a0008;cid:2368511;arid:113251;c:Y7wEFgAJFCMJiA8qAA7UMPmptp5HqZnBSaMevA;bexp:1800;uih:09dcdf33
Requested by: Host: teamsansnom.free.fr
URL: http://teamsansnom.free.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.151.214.138 San Antonio, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Jan 2023 12:09:58 GMT
Server: A
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,no-cache,no-store
Connection: close
Content-Length: 0
Expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 aa.js Show response
q.adrta.com/ Frame 5939 887 B
1 KB 154ms
46ms Script
application/javascript 44.195.196.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/aa.js?cb=1673266198684
Requested by: Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.196.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-196-224.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 67012d01839605f628caf4bd3fdb8915c04294ab9350c475479fc61a254413ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Jan 2023 12:09:59 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200 aid:63bc041604585d17067a0008;cid:2368511;arid:113251;c:Y7wEFgAJFCMJiA8qAA7UMPmptp5HqZnBSaMevA;bexp:1800;uih:09dcdf33
node-p2e-jfigx1.sitescout.com/adx/px/ Frame 5939 43 B
502 B 193ms
47ms Image
image/gif 216.151.214.138
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node-p2e-jfigx1.sitescout.com/adx/px/aid:63bc041604585d17067a0008;cid:2368511;arid:113251;c:Y7wEFgAJFCMJiA8qAA7UMPmptp5HqZnBSaMevA;bexp:1800;uih:09dcdf33
Requested by: Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.151.214.138 San Antonio, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Jan 2023 12:09:58 GMT
Server: A
Content-Type: image/gif
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control: max-age=0,no-cache,no-store
Connection: close
Content-Length: 43
Expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 I1BVU6px84LDuKSR.jpg
cdn01.basis.net/113300/113251/ Frame 5939 104 KB
104 KB 139ms
43ms Image
image/jpeg 69.164.46.136
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.basis.net/113300/113251/I1BVU6px84LDuKSR.jpg
Requested by: Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.136 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-136.jfk.llnw.net
Software: AC1.1 /
Resource Hash: 2d438045f9484530f7f05b41d894fd56d9bf09274d5b293cd5d3a076423627db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:59 GMT
last-modified: Fri, 30 Dec 2022 12:52:58 GMT
server: AC1.1
age: 256620
content-type: image/jpeg
accept-ranges: bytes
content-length: 106113
x-llid: e9468f9f7cfaab9b8e913fd63b498a33

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5939
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=am_-yghgRsqMteD92Es_x2O8BBc

170 B
502 B

155ms
56ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=am_-yghgRsqMteD92Es_x2O8BBc

Requested by

Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 12:09:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Jan 2023 12:09:58 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=am_-yghgRsqMteD92Es_x2O8BBc
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5939 3 KB
1 KB 109ms
39ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js

Requested by

Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:08:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 20:08:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5939 18 KB
7 KB 124ms
55ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:08:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Jan 2023 20:08:36 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5939 24 KB
6 KB 109ms
40ms Script
text/javascript 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 399926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jan 2024 21:04:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5939 156 KB
48 KB 149ms
67ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
URL: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 12:09:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F21B 13 KB
5 KB 107ms
41ms Document
text/html 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 247288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 15:28:31 GMT
expires: Sat, 06 Jan 2024 15:28:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 979D 783 B
742 B 149ms
82ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

080afafe23c22540171e982d084a2df067945135d8c8eebfa846e116abb0dfd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XQICGcV58U0hNslejYpvuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://passback.free.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-XQICGcV58U0hNslejYpvuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:09:59 GMT
expires: Mon, 09 Jan 2023 12:09:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A34A
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

149ms
59ms

Image
text/html

2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html
Protocol: H2
Server: 2607:f8b0:4006:806::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Mon, 09 Jan 2023 12:09:59 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0

GET
H2 200 r.js Show response
q.adrta.com/ Frame 5939 107 B
314 B 45ms
44ms Script
application/javascript 44.195.196.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/r.js?v=22.110&rcb=960140&cb=1673266198684
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1673266198684
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.196.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-196-224.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 678c6a09523ded42b0725258bc47ef4d6da7df9b626284330d44bea2740c91c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Jan 2023 12:09:59 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5939 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33776911d73bcc852d92063fb8e18762d747120affa5893ff762fb067a13c2c2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 895D 0
0 180ms
98ms Image
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=3676035950984484&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame F21B 36 KB
16 KB 75ms
43ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:45:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 979D 0
0 131ms
99ms Image
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010404&jk=394526108883519&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 25BE 36 KB
16 KB 65ms
40ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:45:08 GMT

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 5939 31 KB
11 KB 381ms
127ms Script
application/javascript 52.222.174.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=22.110
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1673266198684
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-6.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 026a0554646b85cca7266d6f966f533546ff6d85e5d8dd8544ac782176752a3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Xnn_PUyruVbClLXjAUevk3KGgl_dQaDB
content-encoding: gzip
via: 1.1 c77cf9ec92c5b3b895af521940f61fb8.cloudfront.net (CloudFront)
date: Mon, 09 Jan 2023 08:35:19 GMT
last-modified: Mon, 21 Nov 2022 08:58:43 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 12881
etag: W/"4904e2e0b3f728c31a78c805552ba248"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GrnKMddV0biZODeyfYCAoOyT9t88JUUlFUNXpI0rdPXe_-CJILE-Jg==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F21B 0
10 B 41ms
40ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BMfRNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 25BE 0
10 B 39ms
39ms Image
text/plain 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R5WgFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:09:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 5939 123 B
241 B 286ms
83ms Script
text/javascript 2600:1f14:b4f:4b03:86ba:be07:b0f:dc5c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1673266199786

Requested by

Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b03:86ba:be07:b0f:dc5c Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1151cecb52c45d8153fa70d32793e5fdadc3e6329d6374c3d192331ac717fcb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 12:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame 5939 143 B
271 B 247ms
45ms Script
text/javascript 44.196.2.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=51560129&__aasv=22.111&__aaii=5308485578285416179&__aait=1673266199247&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=50&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=3&__aart=52&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1673266198684&__aaxf=167.88.7.162%2C%2010.1.1.55&__aaci=ss&paid=ss&avid=113251&caid=2368511&publisherId=pub-1407602088815292&kv5=13715&plid=6524618&segment=&kv4=2602%3Affc8%3A1%3A%3A&kv14=&kv1=300x250&siteId=&kv7=8&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=63bc041604585d17067a0008&kv3=&kv55=1.0,1!google.com,pub-1407602088815292,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&kv2=http%3A%2F%2Fpassback.free.fr%2Fpub%2Fpp_300x250.html&__aapu=https%3A%2F%2F16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&__aapr=http%3A%2F%2Fteamsansnom.free.fr&__aatu=http%3A%2F%2Fteamsansnom.free.fr
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.2.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-2-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae68d0a425bdaf19a5fcf1761f66ccbf59d9007b4956e88968cee59dd040e99b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 09 Jan 2023 12:10:00 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC77 0
0 102ms
102ms Image
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010404&jk=394526108883519&bg=!nJ-ln9vNAAYDMoyoIzI7ACkAdvg8WhbiWNfm316oEEhhTWBr-rvZthcL9G74zoaSln46hjBltckPGwIAAADmUgAAAANoAQeZArk0dy8_F9Hl6_byDYG20A0BdTA_EJrbrY9e5quEvL9dRVZSebURW5A-AQVdlXdBIGVmgIsYruq-Js7YKqYVcy-jnlI-0lHfCtoOf6HSmXTwpZulDtt6Xis6u4pFMI0AChZ7e83XJna-m6AoA1cVNGQZ8asRpKTL30kqzqXugUx1EHHM70DVjcl_HC7BrAX5XUVTChpK_PDZUyYcBHmFSud-uWQGKR-bAxFGsSnrsQHDexSEQNV9VgKT0Zet5_srPDqd2fepr0Sr2mHyg_cdXyRd1zkSOem9XZS_9mjCx85Yh_yIQhHACksMj9m7VUTFlEMoz7F_866AZKpZH5_MPxcSQtI1B8AdE0EIQ2Uq7hHl8HHld_dV8RWbJsHhq7SPyO-bL3BIobWWq_6S83NiUwvSxuRIGbJVV-DWsP7R8or5NQCzs18zyy1FZdB68OpGNEIqgIdYkGmk-wAP7nbfJ_YzV3E30LmkMwpVs4-G2j6WB9QzTp10NrF1EN4DAVAoykBsaVAOydfxeggkemXrnUcN1L8OZlQoVfybS5XLqV2AHehGhElzsDKKJ5RF-jCmIBpHNZqVPTbQddLeLidPMPBwdRT3PaBodi-u46Dlau8RxX4I7fj-B3wmCgisng2ePHMaFlLUCvPXuOPWqutTsEs6GPbbLOSxpyFTFt0HleDVYX29Izd9bqzrolA9-4biAXG0AMYhJE8xKK85CC7nb5QaPDDctZd74kmZ5zNMO6yLah4SXL_-_mObWsn_z2I0DCEtw9ZxViiBj6UBhLnm4OAbrOPxO4TEbmvx1kQQKabnyk8SygtA1dEKwek-o2RGZY5BqRsYjKOb_WaGPAkyG8q9Tg2XMCs2oUg69ckmsDNHgTtja6D2IalGR3jzzQlzTCGm1Nxy4hKSNKjXp8NDE28pAYcQcb9X5VDn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ADF4 0
0 103ms
102ms Image
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=3676035950984484&bg=!REelRwPNAAYDMoyoIzI7ACkAdvg8WsHKLEVhwefF3sxnfDzAsmqZ33pWeXyY0DOKMs2rbLEHf2k9ZgIAAADRUgAAAARoAQcKAC3CdcyXs6mHgROJxbA3LtNy4wseeKHHcIfkg393GXtAy6fl145twO0VOJTLezKZArglDAOPCa-8tH8r2OIuXOpKhLi0IEhgxA8W04ZEi0edDlY6QuGlI_wd8AGnNCDYXk5iMkQkR0_sjIx9mOnCWRXGuEwI-OlTn3IZC8G2TxnFM_NmAqO0AaWC40UEuhje_UbbCZdT9vuG1Men1ftZcMZlc-QzKJJqR7OzgjjM2RqecZal6_VnvGODf1l7m1o7f3K_7FWTaovqwdGS-Zjtm4sdikuZH6rLRlMN2bTaEPMHDYb3qBzeKRYM80iPdiAwKDisuXzNEGmm7awuEXQ5htE9v7xRqlpDokthuqWaFxvwEK71CEKKQuxkG8GctxZXxjbp_cAo6YhDa5QLQJj50sa_LLb6CFrhpkRBXBrVcWpdVMM31gNG0NHB5nAZokgY4hAl58_ye5cPyWVcP0LPHAcg8QUb-x0Zct7cKsM-yvcGqMLAc6qFB3_jOQpBQvUThJ-KrchaMeAYuB1gOyuhkNc8AJvyFoOE8M3UMHrNILBycMg1xE7n-QEYJzm7UybKyA3JTIyBjg_up28X709hgcUKw4MKn_ayP2e7KI5lOqBg30mec_JAg6sgnmNJBIGHR3qT-9lcSyi_bVoVfDBoxVITYP90aCfA0Dm882miKOB8aDy7vm8MaNde3MzT98lv7M4lhrWUUc3gPoY4x30n456Z1nG3VMdO3GHEGb3pxFJo7Ij62WUuqzIO1I8TJ9LQZ6nBF61RPY9rLOYU0VvezEJ9co5f0jaIODnpasFTYnaSpQVPm-i2NDSjHHVV5xMeItPntsVoZ0i93H2s7uGMDO7gZcKwjYEps-ZiERMo15essembLxyJn73MgbK68Kzo574pvLf3U3U9vdPdILLet45VaBXuGNH-YXZAEk6oE-DOybuiuQuujTfRC32NbuxBoVn9XkmCt57D9S6g_XZEOhQU3dmL1XYS5ag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A34A 42 B
64 B 105ms
104ms Image
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3DKaxm0Y3d8WMT-9uIU5DWPrIkEazIil9dxg878eT5LNBWYA5r6OJi7IqCDdbX00eSni50UumGi0uk9QvE0VZ-m6xW_b3c8dOrkXRTEsXwSieRSXcIQQMQW8Kk7rF8Ut8EAA&sai=AMfl-YT-bQuY9-botPvqet3KBIiZyrRJFPszP7jTESJxrOIgUggf3mTLyepnqbSkDiQd97GAamApmo9HCJ6IhTGs2rmkUE77SJegLkFQSfb5fMNJoRKw9JXsX1CWdrCUm_gL7pt3EaNcH2ckwORo6pQc&sig=Cg0ArKJSzDV2vqAp8NkUEAE&cid=CAQSTADq26N9vTHwsbkHNCCealByn40_ErbHmpDr31w0Plz__yZUfz7DRtJtCb30rZ5LHiSuKoq1S2Lc4X7DLHMoZAFKDZXXaor1t1QwOloYASAT&id=ampim&o=0,601&d=120,600&ss=1600,1200&bs=120,600&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=376&tls=1377&g=100&h=100&tt=1377&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 12:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5939 42 B
64 B 186ms
99ms Fetch
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcnAu5GK3Y6sfw0HQIyCuyHEjKP7boBoqsNYhfcxx2c3C4ii45WwKi86V6wTmMmH-veusiRtoiPVM9MKQyHi7zF8wV&sig=Cg0ArKJSzLm29zZHpSG1EAE&id=lidar2&mcvt=1000&p=0,0,254,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2165746347&rs=4&la=0&cr=0&vs=4&r=v&rst=1673266198888&rpt=424&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 12:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
adrta.com/ Frame 5939 15 B
172 B 65ms
64ms Script
text/javascript 44.196.2.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=86878558&__aasv=22.111&__aaii=5308485578285416179&__aait=1673266199247&__aasi=9944636932005159084&__aast=1673266199164&__aavi=3995114278957639174&__aavt=1673266199164&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=50&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=3&__aart=52&__aaax=0&__aaay=0&__aasz=300x250&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=1&__aaas=1009&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1673266198684&__aaxf=167.88.7.162%2C%2010.1.1.55&__aas21=2602%3Affc8%3A1%3A1%3A%3A4&__aas23=2602%3Affc8%3A1%3A1%3A%3A4%2C%2010.2.3.83&__aaci=ss&paid=ss&avid=113251&caid=2368511&publisherId=pub-1407602088815292&kv5=13715&plid=6524618&segment=&kv4=2602%3Affc8%3A1%3A%3A&kv14=&kv1=300x250&siteId=&kv7=8&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=63bc041604585d17067a0008&kv3=&kv55=1.0,1!google.com,pub-1407602088815292,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&kv2=http%3A%2F%2Fpassback.free.fr%2Fpub%2Fpp_300x250.html&__aapu=https%3A%2F%2F16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&__aapr=http%3A%2F%2Fteamsansnom.free.fr&__aatu=http%3A%2F%2Fteamsansnom.free.fr
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.2.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-2-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Mon, 09 Jan 2023 12:10:00 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.free.fr/	1970-01-20 18:09:22	Name: __gads Value: ID=797dce06daefd324:T=1673266198:S=ALNI_MbF_cO5JkuwGyCp49iuVSftgB4y_g
.free.fr/	1970-01-20 18:09:22	Name: __gpi Value: UID=000008fa1b38cefa:T=1673266198:RT=1673266198:S=ALNI_Ma8eqsTvBXmhc0BlWqiQNDl7u-BTw
.doubleclick.net/	1970-01-20 18:23:46	Name: IDE Value: AHWqTUkV2jI3W8akezxOIfBOagFiaXnWiDx5dNNcJNUztgCm6RFwOMyp3gxE1PMkrKQ
.adrta.com/	1970-01-20 18:23:46	Name: __aavi Value: 3995114278957639174
.adrta.com/	1970-01-20 18:23:46	Name: __aavt Value: 1673266199164
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 9944636932005159084
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1673266199164
.sitescout.com/	1970-01-20 17:33:22	Name: ssi Value: 6a6ffeca-0860-46ca-8cb5-e0fdd84b3fc7#1673266199172
.sitescout.com/	1970-01-20 09:30:58	Name: _ssuma Value: e30
.doubleclick.net/	1970-01-20 08:47:49	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://teamsansnom.free.fr/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10edbdc83531dc0f8ecad15f83622286.safeframe.googlesyndication.com
16bc9bb3be7e53ef50e19d9856cbd15c.safeframe.googlesyndication.com
adrta.com
adservice.google.com
cdn.ampproject.org
cdn01.basis.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
ipv6.adrta.com
node-p2e-jfigx1.sitescout.com
pagead2.googlesyndication.com
pageperso.free.fr
passback.free.fr
pix.adrta.com
pixel-sync.sitescout.com
q.adrta.com
securepubads.g.doubleclick.net
teamsansnom.free.fr
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.251.41.2
207.198.113.86
212.27.48.10
212.27.63.114
212.27.63.220
216.151.214.138
2600:1f14:b4f:4b03:86ba:be07:b0f:dc5c
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2004
2607:f8b0:4006:817::2001
2607:f8b0:4006:821::2001
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2002
44.195.196.224
44.196.2.94
52.222.174.6
69.164.46.136
026a0554646b85cca7266d6f966f533546ff6d85e5d8dd8544ac782176752a3e
080afafe23c22540171e982d084a2df067945135d8c8eebfa846e116abb0dfd2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
099143639d15744a90eab4a580c2100a5df4124dd1b8c9d01bff8111e91e3c68
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c299b8ab5dd3cdac493a5808d0ba79981a65a34a262ce37c095c51a0bc2ce07
10bcb31b67ea338f3bf0b077883eb436ceee5fa58d3c18c056e35387abb28e75
1151cecb52c45d8153fa70d32793e5fdadc3e6329d6374c3d192331ac717fcb4
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c0a4c95a402353a78175b8672d35bd4d9cffcedc2e6739d9c8441c623d04dc7
1e3fd3869233958df56fde6c02e0209f720d9b2ad1291c80039430070fc05869
1ec8747e218048f0509f9ab925a516cc44385b804d1d27f63e3f8139aa3eb4fe
2d438045f9484530f7f05b41d894fd56d9bf09274d5b293cd5d3a076423627db
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33776911d73bcc852d92063fb8e18762d747120affa5893ff762fb067a13c2c2
34ad0a4de1c78a4fab7363d481943e06047c413f4cec790af0a04a1ffda0237c
38146167f1c2c04b1f67422121b35ff41c69370693fa44dbcc447604b3b9ec8e
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4fd77afdc832411aa1c41237af0b8d9b43b66692d883ea60b18eac59297cf2a9
54e37513da06f78172637fb11030de53d01b815e3be37e41566285b5e0f74057
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6266362dee1097d618b940dd9b42c17dcdf7ca7f9865f1c05c95dae5d2b032f1
67012d01839605f628caf4bd3fdb8915c04294ab9350c475479fc61a254413ee
678c6a09523ded42b0725258bc47ef4d6da7df9b626284330d44bea2740c91c7
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72ecae8cfd1e77e78b59072abebc9c1f38ef5205c874307342694ed8be26fa91
745add649a6389b3c4601c42eed00845b5b4ea8448196481ecd801d330fc5dd6
74c8a416c8cf90a1c3d6c2e47758739a66bb623c796348859199ee000b6b7d18
7c365b3aaa063df2c5f9fb2c3730e64cb4a4630f124c9e0cdc5741725a21cf60
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83b3b4104d64db388da6f4a07ab0a1b49ca4dd69b3f83e29f005c3237448b117
852ef53f85798703dcb67f2c75fdb1b6ec1faaebcdc75ba09b7a697219438e90
8572ae3b234174c68c9efc17a0490d1028fe6698ce998dcc3a001a1d69583beb
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
931ad1665793c77a684c14017d8d81903ebd0898e45753f3f1f20857c3ab09a3
973ad4a473e86e40b39ff83443d0b9fbac7e847248906db91456c80b9781ae27
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36386843d7a66789ec4f6cc89db508bb320b2e526735d6ce4617433e8464630
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae68d0a425bdaf19a5fcf1761f66ccbf59d9007b4956e88968cee59dd040e99b
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
d5e2f2781e1903a59abad64678f31db19628d77f6c3eecd13fb68c07b8a9e92e
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
e02b42843aedd3c11ad49fe161d24ca711eb88b02bbd5582321759862b8406bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e9edf15f42b6de85435769aa7410dc4ad6efffbcb67db5016d0c475862f16fcd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b68452d6d52d6636dad5e49fdf61f82188030f1964429a35bcb6554b4ae8d
f47ffd80f76614ac170fecef17a153f992e5ed85091d98a47c16b61fae3e2ff9

teamsansnom.free.fr Open in urlscan Pro 212.27.63.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

74 %HTTPS

47 %IPv6

9 Domains

21 Subdomains

19 IPs

2 Countries

792 kBTransfer

1966 kBSize

10 Cookies

45 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

teamsansnom.free.fr Open in urlscan Pro
212.27.63.114 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

74 %
HTTPS

47 %
IPv6

9
Domains

21
Subdomains

19
IPs

2
Countries

792 kB
Transfer

1966 kB
Size

10
Cookies

70 HTTP transactions
2 data transactions