ja.pays-tarusate.org Open in urlscan Pro
2606:4700:3035::6815:623 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.pays-tarusate.org/
Effective URL:
https://ja.pays-tarusate.org/
Submission: On July 20 via manual (July 20th 2021, 1:28:58 am UTC) from JP

Summary HTTP 277 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 37 IPs in 9 countries across 36 domains to perform 277 HTTP transactions. The main IP is 2606:4700:3035::6815:623, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.pays-tarusate.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 19th 2020. Valid for: a year.

This is the only time ja.pays-tarusate.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	2606:4700:303... 2606:4700:3035::6815:623	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
5	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
20 58	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
17	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6810:c40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.184 213.155.156.184	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
1	13.224.99.121 13.224.99.121	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	54.72.233.75 54.72.233.75	16509 (AMAZON-02) (AMAZON-02)
277	37

52 2606:4700:3035::6815:623 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ja.pays-tarusate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pays-tarusate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a02:6b8::1:119 (Moscow, Russian Federation) 20 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:c40 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-121.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Epsom, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.233.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	yandex.ru 18 redirects mc.yandex.ru	83 KB
52	pays-tarusate.org 1 redirects ja.pays-tarusate.org pays-tarusate.org	4 MB
49	googlesyndication.com pagead2.googlesyndication.com 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com tpc.googlesyndication.com	488 KB
31	doubleclick.net 3 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	230 KB
16	ampproject.org cdn.ampproject.org	317 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	253 KB
12	bannerflow.net c.bannerflow.net	311 KB
11	google.com 3 redirects adservice.google.com www.google.com	1 KB
7	googletagservices.com www.googletagservices.com	229 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	zx-adnet.com cdn.zx-adnet.com	123 KB
4	webgains.com track.webgains.com diapi.webgains.com	39 KB
3	webgains.io analytics.webgains.io api.webgains.io	60 KB
3	newrrb.bid newrrb.bid	18 KB
2	awin1.com 1 redirects www.awin1.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	720 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	gstatic.com fonts.gstatic.com	42 KB
2	google.de adservice.google.de	287 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
1	congstar.de banner.congstar.de	518 B
1	2mdn.net s0.2mdn.net	422 B
1	travelaudience.com 1 redirects ads.travelaudience.com	609 B
1	googleadservices.com partner.googleadservices.com	100 B
1	googleapis.com fonts.googleapis.com	1 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	onetrust.com geolocation.onetrust.com	387 B
1	nawpush.com na.nawpush.com	352 B
1	jquery.com code.jquery.com	29 KB
1	load02.biz load02.biz	20 KB
1	cstwpush.com cst.cstwpush.com	60 KB
277	36

	Domain	Requested by
53	mc.yandex.ru	18 redirects ja.pays-tarusate.org
49	pays-tarusate.org	ja.pays-tarusate.org pays-tarusate.org
34	tpc.googlesyndication.com	ja.pays-tarusate.org securepubads.g.doubleclick.net tpc.googlesyndication.com 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
16	cdn.ampproject.org	securepubads.g.doubleclick.net
16	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.pays-tarusate.org
12	c.bannerflow.net	6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com c.bannerflow.net
12	pagead2.googlesyndication.com	cst.cstwpush.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net
9	www.google.com	3 redirects ja.pays-tarusate.org tpc.googlesyndication.com 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net ja.pays-tarusate.org 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com ja.pays-tarusate.org 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	mc.yandex.com	2 redirects ja.pays-tarusate.org
5	cdn.zx-adnet.com	ja.pays-tarusate.org cdn.zx-adnet.com
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	newrrb.bid	ja.pays-tarusate.org newrrb.bid
3	ja.pays-tarusate.org	1 redirects ja.pays-tarusate.org
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	1 redirects as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	as.ad4m.at	ad4m.at as.ad4m.at
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects ja.pays-tarusate.org
2	cdn.jsdelivr.net	ja.pays-tarusate.org
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	ja.pays-tarusate.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	js.wpushsdk.com	cst.cstwpush.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	na.nawpush.com	cst.cstwpush.com
1	code.jquery.com	ja.pays-tarusate.org
1	load02.biz	ja.pays-tarusate.org
1	cst.cstwpush.com	ja.pays-tarusate.org
277	50

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
pays-tarusate.org
ar.pays-tarusate.org
bg.pays-tarusate.org
cs.pays-tarusate.org
da.pays-tarusate.org
de.pays-tarusate.org
el.pays-tarusate.org
es.pays-tarusate.org
et.pays-tarusate.org
fi.pays-tarusate.org
hi.pays-tarusate.org
hr.pays-tarusate.org
hu.pays-tarusate.org
id.pays-tarusate.org
it.pays-tarusate.org
iw.pays-tarusate.org
ko.pays-tarusate.org
lt.pays-tarusate.org
lv.pays-tarusate.org
ms.pays-tarusate.org
nl.pays-tarusate.org
no.pays-tarusate.org
pl.pays-tarusate.org
pt.pays-tarusate.org
ro.pays-tarusate.org
ru.pays-tarusate.org
sk.pays-tarusate.org
sl.pays-tarusate.org
sr.pays-tarusate.org
sv.pays-tarusate.org
th.pays-tarusate.org
tr.pays-tarusate.org
uk.pays-tarusate.org
vi.pays-tarusate.org
cn.pays-tarusate.org
tw.pays-tarusate.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-19` - `2021-11-18`	a year	crt.sh
newrrb.bid R3	`2021-06-17` - `2021-09-15`	3 months	crt.sh
blog.ippachi.com GTS CA 1D4	`2021-07-13` - `2021-10-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
cstwpush.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
load01.biz R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
na.nawpush.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
js.wpushsdk.com R3	`2021-07-05` - `2021-10-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://ja.pays-tarusate.org/
Frame ID: 05B1E396891274DA9CE80DD0C29475B2
Requests: 140 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 01A6549786364045C85A0D641E197195
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: DF5740DF9FD9CF4783157D91A498767E
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C36600FBC0A03ED3435A7D9B9C38240B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99939557D8E8C65E74738CAB570D7610
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 46463D80D2ACEFD674AA1979CDA136DB
Requests: 11 HTTP requests in this frame

Frame: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29A0B45459ADDB36BC4D34AD679F6CD6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html
Frame ID: 26F446C716FC14CA7FCF88A28E1D189B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYbzLyib2YMOgHJXb7gPz3q3ICu7PoqpinLzdqvUMsJAfEAEghuGFKmCV-vCBjAegAbaeyqoByAEJqQI5Us9lG8yzPuACAKgDAcgDCKoE_AFP0OIFy7yRLDLzXF36nWL4G1HpbpEQtFh5gExT2YDXDi-0DUtbEVUCky-xqXjM0DFVQUKwd1lNbrGw7BijzTwWqWUMePGIvEaNRU22ztzbV7lmA3AhEOtEOwi72xrp4PCjyWcUTyUcp2OB6ACkfHhl9SNZjcmV0Rg5GzE-QyCX4nJQ1ZrjPyuHLdUT5zYz7DYCP5jbYh0fRvPRP4IgJnVGkx6dUFt_FIEpyJJ6JDyiBv5Y4LWXi9H5-J9cnIhqcKvxhrGEj9sXRrg-503LpMD-uOe6g1p8GeNBydvoCVfrJqX44NEgJZvOXO_aJQs2h0Ttasv4ztlpVmGRDabABOSUqLPsAuAEAZIFBAgEGAGSBQQIBRgEoAYugAezpu-aAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDY3BrSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=dhHEKC-lCU8&template_id=419
Frame ID: DAA2258FDEC06F5EE5654ECF003E6932
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8A9F88287B39B8C14251B729A095FA30
Requests: 2 HTTP requests in this frame

Frame: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1820F6719BC26C7821EF763DF0AE225B
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 5FBE94DC542C55BCB8A0C09728F70C8A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteqnKqyK8nU4m5FbSq0GUPXjGAbrWKLTShphCqLDejkFc1j4Gh-NrOqDOMt6l7FRrimnVMV8evnWEe4bdff80xOnaG0-c0XFLNWtgMooetReCP_F9fDrW9hlPAZOigUkxDxMd4IDMaQz16xnoE8WITt8-neg5oJZNHt6r-0MXrFAPZvEHOybqLcqsIH5jx7njlefgbRzTpIzAM6lX-TJWwxzwRg4w-Tiw0ugFse_FyCMwQui8gk2_ZHTeculO9tUIWDum7lq4lFOT7Mdo3Coqz0gz84BQ0tHAcXTpx646zQ62uXkaymNN0ZqwkwLu6_mf3AbWl3BvGFukGL2QmFO3L&sai=AMfl-YQ5Gf_zyVOJmaZlc2Fv-Ue7YLOYl3c0WBYnW5K741NdZcFqtNSJiwsGnaU8LtCHjhyj9mD-dAggjkjiD5Z_3RHHonJAkzaKuQp1l2W800zIsWlFlK6Sz9Dhf04qszxW&sig=Cg0ArKJSzJUYQxJRYqA-EAE&urlfix=1&adurl=
Frame ID: 1B9FA0F27ACC45E16161C164BD08A2A2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83
Frame ID: DE0FB6AD85388EDA1E93964680505B63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CwyEazCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE1QFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutH5PuEbNV6G2aqWltB_ri769VSABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=7jV90r-SmXc
Frame ID: D678BD2A24F8E2207AFA1014C7AD945C
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
Frame ID: 31FB6C7935F92CFCF075FA3680F4417B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AA6ABF5A8B948C5CA7E646FEB8C303A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2E75BE25EDE536834262E8DFBD45150D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Frame ID: D00BEC42AC982B6F7B242C5C50B7E2B9
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EA18CA921D46313892F8D64D4872D1A9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5BC58A168CE5380D1000C600E4F5ADC2
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbemz%2F5bcda728012f401820afd75b%2Fimages%2Fba09d618-d872-4831-bfbc-8568c586a674.jpg&w=479&h=954&q=90&f=webp&rt=contain
Frame ID: 1198E1132029F6AD57C83C5A01D329D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ja.pays-tarusate.org/ HTTP 301
https://ja.pays-tarusate.org/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

277
Requests

94 %
HTTPS

54 %
IPv6

36
Domains

50
Subdomains

37
IPs

9
Countries

6689 kB
Transfer

10301 kB
Size

5
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://ar.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://bg.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://cs.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://da.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://de.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://el.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://es.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://et.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://fi.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://hi.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://hr.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://hu.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://id.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://it.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://iw.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://ko.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://lt.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://lv.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://ms.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://nl.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://no.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://pl.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://pt.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://ro.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://ru.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://sk.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://sl.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://sr.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://sv.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://th.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://tr.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://uk.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://vi.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://cn.pays-tarusate.org/

Search URL Search Domain Scan URL

URL: https://tw.pays-tarusate.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.pays-tarusate.org/ HTTP 301
https://ja.pays-tarusate.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/;0.8789351290187086 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/;0.8789351290187086

Request Chain 84

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.BDn7kc2ozeHx08vCj8nc3o68O6j-uJWfOgJDgAN60xw3uB6xrniMZf1jmCcIZfmM.EGfjLCNacQhoclNxHJIIyYXPdYM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9339.zKZd0ofy-dpBzuA78DIertdhfswyGwPHhJqiMsrG-c71GLPl1oEFvG16rxkBBKtimFteqK1yF-HfdgFR9CL9nw%2C%2C.U98PA_070XQtPb2EVgtrctjd-Y4%2C

Request Chain 87

https://mc.yandex.com/watch/70769167?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A98952980974%3Ahid%3A240979457%3Az%3A120%3Ai%3A20210720032840%3Aet%3A1626744520%3Ac%3A1%3Arn%3A805199556%3Au%3A162674452096198089%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744519318%3Ads%3A0%2C16%2C29%2C1%2C41%2C0%2C%2C519%2C6%2C%2C%2C%2C610%3Adsn%3A0%2C16%2C29%2C0%2C40%2C0%2C%2C522%2C6%2C%2C%2C%2C610%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744521%3At%3APays-tarusate%20-%20%E9%96%8B%E7%99%BA%E8%80%85%E3%81%AE%E3%81%9F%E3%82%81%E3%81%AE%E5%A0%B4%E6%89%80 HTTP 302
https://mc.yandex.com/watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A98952980974%3Ahid%3A240979457%3Az%3A120%3Ai%3A20210720032840%3Aet%3A1626744520%3Ac%3A1%3Arn%3A805199556%3Au%3A162674452096198089%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744519318%3Ads%3A0%2C16%2C29%2C1%2C41%2C0%2C%2C519%2C6%2C%2C%2C%2C610%3Adsn%3A0%2C16%2C29%2C0%2C40%2C0%2C%2C522%2C6%2C%2C%2C%2C610%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744521%3At%3APays-tarusate%20-%20%E9%96%8B%E7%99%BA%E8%80%85%E3%81%AE%E3%81%9F%E3%82%81%E3%81%AE%E5%A0%B4%E6%89%80

Request Chain 92

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.000178491825726379 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.000178491825726379

Request Chain 94

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.2379940862078851 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.2379940862078851

Request Chain 96

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.18670856737252972 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.18670856737252972

Request Chain 98

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.09455989590941116 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.09455989590941116

Request Chain 100

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.0012994405257240604 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.0012994405257240604

Request Chain 102

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.82679008770763 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.82679008770763

Request Chain 104

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.14499149073173734 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.14499149073173734

Request Chain 106

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.44820469938088214 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.44820469938088214

Request Chain 108

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.8312588414797137 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.8312588414797137

Request Chain 110

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.6491437757694667 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6491437757694667

Request Chain 112

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.7538586025437783 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7538586025437783

Request Chain 114

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.6755298106880085 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6755298106880085

Request Chain 116

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.39341616498814 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.39341616498814

Request Chain 118

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.6548530285758642 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6548530285758642

Request Chain 120

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.594056241927019 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.594056241927019

Request Chain 122

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.23360409294990347 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.23360409294990347

Request Chain 124

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.7484865101355944 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7484865101355944

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 213

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 233

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBzV4iTheP4nGPbbMyT2XVk&google_cver=1&google_push=AYg5qPIL0Z8o5nxfct9XhnIo7eqnapC051ZlJ0RKlDxYhH-0v2XRj0e0SCGKpvJSu3lBLhhm0g0pbjRgPTa1RFL_eiQUJJtEdmFZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE3NDM4MzU4NzQ4NzE5MDAwOQ== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBzV4iTheP4nGPbbMyT2XVk&google_cver=1

Request Chain 234

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF5T526eHQuC6FaR2K9zvvE&google_cver=1&google_push=AYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF5T526eHQuC6FaR2K9zvvE&google_cver=1&google_push=AYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 235

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPVE-58fBjuQRN_mPfI-hDM&google_cver=1&google_push=AYg5qPKsGmBHfG1n5wWI2jJc0PdOKZzSBKw3hQywPIFrIIe9YfXC3DhKBelBRVVwzjzxMBVOZ261OeQQD5FDo7azCESqSBly4glR HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TDykMoagRpCcWgibFQ35sw2&google_push=AYg5qPKsGmBHfG1n5wWI2jJc0PdOKZzSBKw3hQywPIFrIIe9YfXC3DhKBelBRVVwzjzxMBVOZ261OeQQD5FDo7azCESqSBly4glR

Request Chain 237

https://d5p.de17a.com/cookies/google?google_gid=CAESEK3ps947ZkjGKHW8cdumrAg&google_cver=1&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN67MrU HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK3ps947ZkjGKHW8cdumrAg&google_cver=1&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN67MrU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN67MrU

Request Chain 238

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENvz2Yhd0q1N968CKC1OeHI&google_cver=1&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhPanVumjvcN_DdumY4xqQqge HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENvz2Yhd0q1N968CKC1OeHI&google_cver=1&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhPanVumjvcN_DdumY4xqQqge HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2MDczNzk3MjgxOTI0NTk1Nw&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhPanVumjvcN_DdumY4xqQqge

Request Chain 239

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGUCiFJX3Ly4Xgq1cfwlOH4&google_cver=1&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7MioOrqPWBp3l HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGUCiFJX3Ly4Xgq1cfwlOH4&google_cver=1&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7MioOrqPWBp3l&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7MioOrqPWBp3l&google_hm=117716f00675553b48503a1d

Request Chain 260

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMGHo8y_8PECFZbWdwodywABTQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744524_d2e90780-e8f9-11eb-90c7-692d06cd5c64

277 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.pays-tarusate.org/
Redirect Chain

http://ja.pays-tarusate.org/
https://ja.pays-tarusate.org/

49 KB
10 KB

47ms
28ms

Document
text/html

2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4fc363efe59c0ac39e1832c08e4184d8b2d2390fb9cf5a6f269580579255b7b

Request headers

:method: GET
:authority: ja.pays-tarusate.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Wed, 21 Jul 2021 01:28:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PbKxLwAzyKKktvtYX7RVFqXlrVvNRSHhlmAX8se9ZOrq9HGrJXH8K7gOmMTJ3th0bGLKbGpeXaiN50t%2FwwZzagGi671e2bIX1YwibS5OqZWqNWeWlKMM3ZvLVh1qFibWsol%2F6V7bZ5PEUanPABgkpKcUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 671869fe1f314ec1-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Tue, 20 Jul 2021 01:28:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 20 Jul 2021 02:28:39 GMT
Location: https://ja.pays-tarusate.org/
cf-request-id: 0b632092af00002c3af31fa000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZ1v0%2BE8T2fYYrZ2xriuDSaOxIgq5lPDLn0boVwGaKx46LzXh2fY3sKaop5FpxfR6j3m5c5xKOKkoZ48H%2FySDH%2FidI0flLMaB1AWkXahvoV5T9zfVkMURcrPB%2B1NSn%2Byk1%2FzJTBT3gRb2JCV8GL3t1qYUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 671869fdea692c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 51pb.min.js Show response
newrrb.bid/ 62 KB
18 KB 197ms
93ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: 87ce9f34f4684d5ca1f6260a9202d46b88231ef1bfa7266318c69fdae2032fac

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
server: cloudflare-nginx
duration: 555314
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Tue, 20-Jul-2021 04:33:39 EEST

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 144 KB
19 KB 59ms
13ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744519.459727,VS0,VE2
etag: "5b3dfee603f4fa43f768bcdb3f5f4a2cdce1c019b73ecbe79f7cb0d0ca77d787-br"
x-served-by: cache-cdg20765-CDG
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Tue, 20 Jul 2021 01:28:39 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19503
x-cache-hits: 1

GET
H3-29 200 multiple-quaternion-multiplication.jpg
pays-tarusate.org/content/unity3d/ 42 KB
43 KB 39ms
31ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/unity3d/multiple-quaternion-multiplication.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4674febd110a22c7ccf04d931fad590bd4a3f0d0a910cd2972826a7d398fdaff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43030
last-modified: Thu, 19 Nov 2020 20:00:03 GMT
server: cloudflare
etag: "a816-5b47b2c7b89a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XZGMsfsRWHKVgE7H2Sg33bphDRmOB1FvAcaKirmgr3Caewyc1qu6pBNn1EJQJevAYt9BM28x%2FimeNnXgmTrLqZhmOjkayNMmUHQpNAJ01aHImUccMo6WcBjxClkhVFjMgQRni87PoTwXWVvHoxt7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d2ac2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 on-coursera-r-programming-course-assignment-2-lexical-scoping.jpg
pays-tarusate.org/content/on/ 103 KB
103 KB 186ms
178ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/on/on-coursera-r-programming-course-assignment-2-lexical-scoping.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b224f9951b6ada3df4495b4be25fa40b9033fa83cb24db77a44f0a0d2cf662

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 105100
last-modified: Thu, 19 Nov 2020 19:59:56 GMT
server: cloudflare
etag: "19a8c-5b47b2c0dfa2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4WmXA1kyiC4expt2xKI%2FtagOtj1xKIfu2LW8Az8m1N5iw7r0wSUMg93UK3CokCC1bVDaCx06%2FAeFN9O1dG%2BHbUfX8MyNjneoS1Z4m1swFT3OlwIPCWwKKWE6TicrunWPXdGmwXdX0Ziq7XHtqioDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d2bc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 how-to-create-multiple-headers-in-wordpress-2.jpg
pays-tarusate.org/content/php/ 133 KB
134 KB 197ms
188ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/php/how-to-create-multiple-headers-in-wordpress-2.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3e4c0ba4169115c319bc407a8193cbabe4f1002cac577375ffff0207caa061

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 136601
last-modified: Thu, 19 Nov 2020 19:59:57 GMT
server: cloudflare
etag: "21599-5b47b2c167618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiqbEOeElC51el%2B%2F%2FYJgMiGr3l5Qw5bv5nks16RcywfDqSk1bvP8zOjrPpFLuJI1pukFvD6LxOYlA7Ln9f3nbXtQvh67ffyM024SvUQ6ylchTxp%2F%2BTe0oFA%2FHbECzaZBjEIQzpL%2B1fJJNRQSZn7ZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d2cc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 how-to-determine-distance-to-a-point-on-arc-perpendicular-from-tangent.jpg
pays-tarusate.org/content/geometry/ 89 KB
90 KB 202ms
193ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/geometry/how-to-determine-distance-to-a-point-on-arc-perpendicular-from-tangent.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b48096b3093c5dd86247fea7205d692860e72dfd5db451a1f4f43ec17761728

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 91028
last-modified: Thu, 19 Nov 2020 19:59:47 GMT
server: cloudflare
etag: "16394-5b47b2b897793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVR937grhFJfC43Vdj4rzZ4m99Np9rxE3g1JPdxj4%2BFKM9O%2BI0TJybrKIauEJ5CgtLcZtefYlDepyR%2BdbGZy92hHhd30HIT3zM3a2iO69JIeYeLohHN%2ByV8m9cVT1I3uiZ2520ygmQlZxJiZId0e8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d2dc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 finding-a-specific-character-in-a-string-in-matlab.jpg
pays-tarusate.org/content/finding/ 96 KB
97 KB 71ms
62ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/finding/finding-a-specific-character-in-a-string-in-matlab.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd5cec499137577810c6540e191a6d56ae76ec6a8819aa30076eba0220077c4

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 98604
last-modified: Thu, 19 Nov 2020 19:59:47 GMT
server: cloudflare
etag: "1812c-5b47b2b859f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFUHBNVoauSbBsB%2FlPjGyxK%2BEAK8rv8OCBwwHKD%2BS0jl45mbTIHIsVP3M2P7BdBSpGiy%2BqZpOtm0eK%2FerkZ7mYn6kY7jN%2BldbUjI59N9d7QsIlwpnMtl6BmuNPg1v4HFL1s5I%2F5cJzxbKOsZGnixyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d2ec2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 how-to-prevent-entry-of-a-disabled-date-in-bootstrap-datepicker.jpg
pays-tarusate.org/content/how/ 141 KB
142 KB 163ms
154ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-to-prevent-entry-of-a-disabled-date-in-bootstrap-datepicker.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ae3eb5ec447c740bddccf468b622827883ede2a9984bf0c73e39a12dc74b722

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 144434
last-modified: Thu, 19 Nov 2020 19:59:49 GMT
server: cloudflare
etag: "23432-5b47b2b9d3e2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9hX0cbOfBP5y2XqVOH1cVryRM5dLJidsC6CFepNTdzBg%2FILUCWAQuLpGwW%2Fi%2FkDcLgqgHt7OEIdb3NZIUH3mC9MZKMLwykWQgTVtvda5pSlVTD92cYhuLPtEJnLDe2duCQVaXdWtTMgEcQq1kRVYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d2fc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 shortest-path-linear-programming.jpg
pays-tarusate.org/content/shortest/ 42 KB
42 KB 90ms
81ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/shortest/shortest-path-linear-programming.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7869723a3d3fe9f3a5084cf574e74154ccc21ed4ac7ec9a5decedec3fb5e98e5

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42809
last-modified: Thu, 19 Nov 2020 20:00:01 GMT
server: cloudflare
etag: "a739-5b47b2c5d04fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuflqB1MrLOk1cFClH%2FzjPWGVBFlhrmo9Y66KrMbb%2FOxCujumhEAHMUhGv6ovIwW0xo9MVCRWkYfksPR%2FckACUVSGUWU2zF8xj7AmYFZprZrxdPc9123885LDwVfjpW%2BLPJYYnFEOu2Ya%2BvtEtTZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d31c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 stored-procedure-for-delete-record.jpg
pays-tarusate.org/content/sql/ 36 KB
37 KB 125ms
116ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/sql/stored-procedure-for-delete-record.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d43f37c8374726ef5c2da26b608a3d73710980d67998c2ff0310c689bbd798

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 37121
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "9101-5b47b2c6820ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToemKXErNHauKwF%2BZIsHKSrPK4SopLQarbOCkTiQqKERY7kO7kjuYjMSS%2F%2BZw2Qz6jYjuYHGrx6nRLQj8nYVjOZX9WxcL93euXfENOQJ7C3Iz3fv8iYcEr2Vk4G5BnQzhlmrkc%2BMXcBkk1sij0KukA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d32c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 whats-the-best-solution-for-hive-proxy-user-in-hdfs.jpg
pays-tarusate.org/content/hadoop/ 63 KB
64 KB 63ms
54ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/hadoop/whats-the-best-solution-for-hive-proxy-user-in-hdfs.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1814fb310adacd76b9f167bd2e6c796903215657a25c3d185bc654433bb87dde

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 64513
last-modified: Thu, 19 Nov 2020 19:59:48 GMT
server: cloudflare
etag: "fc01-5b47b2b8e599a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvy9YT3SbS1GNb6d6Qkq9XgEqVdBOkXHJ59VO%2F%2FrnQQFbhQGSnKkKd4nZNy8jF2D4W9GJFQnEXXrJozP0oqrrMZXfzqr5Hh4ICXnsk1ssZt%2BwkgAbTStEajmjkiT7Cj0fv5y8AASPfj5kXJS3Rr56A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d35c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 unity-how-to-use-all-cpu-cores-for-camera-render-with-multi-threaded-graphics-jobs-optimisations-not-working.jpg
pays-tarusate.org/content/multithreading/ 197 KB
198 KB 170ms
161ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/multithreading/unity-how-to-use-all-cpu-cores-for-camera-render-with-multi-threaded-graphics-jobs-optimisations-not-working.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c14673aeadd5c1ae530b43d16ff05b896c80d788b3f3ac43e17a5e423cec70

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 201606
last-modified: Thu, 19 Nov 2020 19:59:56 GMT
server: cloudflare
etag: "31386-5b47b2c06a722"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lSBT1rps0UsYWoOmnSyY1qrk3t41Y%2BHvpS2q3gnMtQ2S%2BreUUkiqIIlq5emjcgLLJsdUlQkFguMNsfOvGU4xWMTY869Nhg7B19dsQPoKOJ14SWN%2Bv4dx15fcSBDHMX8t7v%2FxW7VAv9RellhXxdZqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d36c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 no-recipient-addresses-found-in-header-closed.jpg
pays-tarusate.org/content/php/ 61 KB
61 KB 1098ms
1089ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/php/no-recipient-addresses-found-in-header-closed.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59e9131289a19799511dac0c3e07960588d0a4e864d6d22cb5c5bd0b9f2d99cf

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:40 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 62016
last-modified: Thu, 19 Nov 2020 19:59:57 GMT
server: cloudflare
etag: "f240-5b47b2c17607a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5a0nga6AjTWbq8v2BYRJk46%2BSZLJVLNLtBL%2F55y%2F97V39WBrHGSuxEhDEz7Y3A0d9%2FKJkWXnjkiqWH1ueuRKzI3Hah3BnhYkKNlYZy9bp18NZ2eG%2B%2BBcviRWgSzXfKXvGBRwZ5IWaRLcCYDoKiNIYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d37c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:40 GMT

GET
H3-29 200 word-conditional-text.png
pays-tarusate.org/content/vba/ 205 KB
206 KB 170ms
161ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/vba/word-conditional-text.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41793d49dfb2a78fb88b93c1a76fd53020606c40c7bd4a0ce29272fa3b3f952

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 209898
last-modified: Thu, 19 Nov 2020 20:00:05 GMT
server: cloudflare
etag: "333ea-5b47b2c936727"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYxybB1BHpE%2BWBvFacq%2BHNL4N%2B6xg52UCFa7hFopkIokv0XMOZnXSSp9JnRqaEo5FJSw5METD7x8siFE5YbTxF%2BvADrdMznnHnymBy3tos3m4oJaWYcpzx47VetXKZciBKd0OauQ%2BLWcuIi9lQlsYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d38c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 oracle-error-when-creating-view-ora-01720.jpg
pays-tarusate.org/content/sql/ 103 KB
104 KB 209ms
199ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/sql/oracle-error-when-creating-view-ora-01720.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b17d2b3dc46bd613f237d71e9402925f0e4461b88b7ab4d39a45bf80389c384

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 105650
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "19cb2-5b47b2c664c08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxFyZhSGFMUJmLTVRMNNcR9s3PFmZzogjMb7UN2zV%2BtEnFJ4%2F2isi1qRDiAECvNH%2FL6LgxhnAI1jhhf1hB6l8iBKgJ89rX%2Fs44Ili3YwRV6aWDOiyJ%2B96wrKWnNXEa1nlmJycM7qqet7ZZ2%2FDoxpLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d39c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 extjs-create-custon-icon-for-ext-messagebox.png
pays-tarusate.org/content/javascript/ 34 KB
34 KB 213ms
204ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/javascript/extjs-create-custon-icon-for-ext-messagebox.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 343f240ccc4c4f8b224cbe6036f5417eb0ca4472f2a2b2e45e50f5b4237f09af

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34655
last-modified: Thu, 19 Nov 2020 19:59:52 GMT
server: cloudflare
etag: "875f-5b47b2bd24899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8AimhFpQWQqI68lDIQ7C%2Bg%2FoxmyA9axLjzDaH6uXmTd3THft8CwSXUZUDoiFKFmS3B3gU2%2F6utEUw4LFyGQBNO4gfIOmdKmyeMGmnMmpe8QRM2r2KSS32W3Ybi%2BUNOlpVaYSAi%2BuSVPkTePW7ipvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d3ec2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 How-to-make-a-JXTreeTable-sort-its-top-elements-5.jpg
pays-tarusate.org/content/java/ 60 KB
61 KB 102ms
93ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/java/How-to-make-a-JXTreeTable-sort-its-top-elements-5.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 114371c480a781b72b61036dbe1742d973b9a9da2065b5c8dac1da359cb19144

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 61896
last-modified: Thu, 19 Nov 2020 19:59:52 GMT
server: cloudflare
etag: "f1c8-5b47b2bc7a9ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1L%2BoEoRcEjdO0WZnzIOOUP7YiCfEVoeyeXOoi89M%2BTpvsuu593uVOAUbgLzYT5167%2BMRWlm%2BqUD0OVQ%2B2x%2FFJr%2FcifzK4nSRAaHdQCyXgKqiOctaBzAIjHOytc46Mso0hOMdo4E2%2Fa4tuLFzz7LRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d3fc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 escape-user-input-in-windows-batch-file
pays-tarusate.org/content/cmd/ 354 KB
354 KB 214ms
204ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/cmd/escape-user-input-in-windows-batch-file
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1230edd5daeb397618309ee2cc2220b3d58733e735d890757ec862b7b7204c0c

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Nov 2020 19:59:44 GMT
server: cloudflare
etag: "586a6-5b47b2b58a34f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4GqpsOV4VU9eYu6D6J%2FZFaQo9lxI%2BFkqGyazw70MWJ5q6dquXubLKjP48Mv8VAwvnsco6LAbEkLFGLvuWNG313raiIoUbGVP%2FjjNAfanm8ydPa8ZfE7WMwgusOeYgekF%2FFmcpFJAGIMsrUNc87sIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 671869fe9d40c2d1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 362150
expires: Tue, 27 Jul 2021 01:28:39 GMT

GET
H3-29 200 difference-between-the-output-of-hostname-exe-and-envcomputername-closed.png
pays-tarusate.org/content/windows/ 101 KB
102 KB 227ms
218ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/windows/difference-between-the-output-of-hostname-exe-and-envcomputername-closed.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c72261ecfde0658ffd792d1bbce5c1fe03645f2069a818c7659c4c3b40186497

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 103495
last-modified: Thu, 19 Nov 2020 20:00:06 GMT
server: cloudflare
etag: "19447-5b47b2ca1903b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiTkOaaB8prUvt8OcsgEGxSUI0aoRoPtYnwELVtym6W%2BlhejZ%2Bg3cv1FlljM5PYCw5Fcpe8cqYnkkIMljM2QaEnLEpmMFQg29eEedtBogThlWlLjwBZxY0zgUfchnpF1QiyBrsavB4zvBAx1rpWBww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d43c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 virtualbox-fails-to-connect-due-to-windows-firewall-vagrant-cannot-start.jpg
pays-tarusate.org/content/virtualbox/ 41 KB
42 KB 98ms
88ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/virtualbox/virtualbox-fails-to-connect-due-to-windows-firewall-vagrant-cannot-start.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5635a85947b1bf96c7734e297f46f6cc6543246dd1aa7b594d2d8132dfca7053

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42457
last-modified: Thu, 19 Nov 2020 20:00:05 GMT
server: cloudflare
etag: "a5d9-5b47b2c96458b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8isERkiPoLyJZxgkTMLpqzqmKy5d%2FMATFJM4uOebAOFyxf5jzjK30jMmBpenR9z8PwukltfXDUZQhGePG6MbZGI%2Bi4MVvJMCfgrhHbAX2KRi2Rw%2BvLu0NH6R6aFA8EmzOD3oWbBVW0he%2BE1whQRNJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d44c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 256-kb-in-cache-size-is-really-256-kib.jpg
pays-tarusate.org/content/caching/ 342 KB
342 KB 118ms
108ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/caching/256-kb-in-cache-size-is-really-256-kib.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a76bec6013aa725d0c64939617dd148dfc44f0ab1c91353360ed3d43bb3073f9

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 349888
last-modified: Thu, 19 Nov 2020 19:59:44 GMT
server: cloudflare
etag: "556c0-5b47b2b54caea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhL19DkYCq%2B0DCEMwgVfLKgP0mz42nOcyCjm8HumeGRYICBJsde%2FhEL5vJVr2yLAYhD4RARC82rQdwLg%2BD6ZzaCh0qKNyL8RYhnezNh9yNSwrg5mpmDN3dimi7ea1C61qZmi8el0GHLlG4FxDKXHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d46c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET fatal-pathspec-file-txt-did-not-match-any-files-git
pays-tarusate.org/content/fatal/ 0
0

GET
H3-29 200 stat_smooth-on-ggplot2-not-showing-1.png
pays-tarusate.org/content/r/ 77 KB
77 KB 266ms
257ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/r/stat_smooth-on-ggplot2-not-showing-1.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baefdbae5749ee368dd1678b139786796d8db01f0412d69df52f2e2d6f4facd1

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78671
last-modified: Thu, 19 Nov 2020 20:00:00 GMT
server: cloudflare
etag: "1334f-5b47b2c46dcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnVYDTRmUt8D5W%2BLucfEf7xaCxrxCxapStW11Jv6nMFXMm9GZ2ZLdMZPDggMjusAF46uHbHKiX4kZDENoYBdup8EDa%2FLM4eaFtYPI2M9FoV7ZLEtvl8lFH7M9qFjZXNiHT8dk27jdNMRLLPPVRtgbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d49c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 how-to-add-rigidbody-to-a-imported-gameobject-of-a-modeling-software.jpg
pays-tarusate.org/content/c/ 86 KB
86 KB 103ms
93ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/c/how-to-add-rigidbody-to-a-imported-gameobject-of-a-modeling-software.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6551b7d0e17e16dbff189362a7b18c2d1930c5dd80717440c48dc113d3b016

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 87859
last-modified: Thu, 19 Nov 2020 19:59:43 GMT
server: cloudflare
etag: "15733-5b47b2b41526e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjE6S0VUxjUrlWroipP%2FHFqGyf2jbwnXGg0Zwe3hKtmjBHj0S2XXjn4VaX4HSoXDGsejyPNPrTodlz5mLn6DR%2FC31C6SgTFGZgQUNNEAsXJm9VOpcbG6Gk0BgJNMU6DUIADUcLCFNuV0FRsJpicEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d4bc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 how-to-transfer-a-discord-server-ownership-with-a-bot.jpg
pays-tarusate.org/content/how/ 175 KB
175 KB 269ms
259ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-to-transfer-a-discord-server-ownership-with-a-bot.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8d2c6673fc081c4dcf72c8af0f2c3dea039a07e17c63009bb342ab74a75ccd

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 178836
last-modified: Thu, 19 Nov 2020 19:59:49 GMT
server: cloudflare
etag: "2ba94-5b47b2b9ffd53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viIaSA2esKXegJlocQhZp8lGc83amZfWJJhr2zy31kDIN4EEmywJSjxIZW1TEemf6GHnlEJRlQSZlfNb78pJgjDfXDtyiE92bUVlEbt1pWAR6eCgjoM%2F8qOc9CA7M8KQXa8XdCN79b%2Bm%2BKTQuDFAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d4cc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 draw-a-squiggly-line-in-svg-1.png
pays-tarusate.org/content/javascript/ 185 KB
185 KB 274ms
264ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/javascript/draw-a-squiggly-line-in-svg-1.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3df5c6aa9bb3e21fa8363da25ef8ac1101e1d5b6892bda68a7db328a207f5c

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 189119
last-modified: Thu, 19 Nov 2020 19:59:52 GMT
server: cloudflare
etag: "2e2bf-5b47b2bd20a19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrpEjKigiKSr1BlxkoW0xvyESYyB5sfG7CVucffr%2ByeSC3FTeQta4dgd6kbzlPBHEYDu3Vfdwbj51%2BDjWeoeeRBanvrIdvpgF2YHa7d0iLpL0KSVeQbXOnFHb6X1Fz35byXZe419ONw%2Bfa15pxEViA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d4dc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 what-is-the-difference-between-tel-and-sip-uri-in-sip.jpg
pays-tarusate.org/content/voip/ 66 KB
67 KB 280ms
270ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/voip/what-is-the-difference-between-tel-and-sip-uri-in-sip.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0067f16d2149c8bf35e7e0c2f718e302146a8a338ae30356b6b95a81a1cc2019

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 67891
last-modified: Thu, 19 Nov 2020 20:00:05 GMT
server: cloudflare
etag: "10933-5b47b2c9904af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1anlJrgeGB30uVaOVb3YvyEdWucU3y5evNVaBJFn9h%2FTc8a3ncW5TJRkkbNxZUYzFwGX7yt3Xs0m33fRAveQX%2BiY6l%2BluDNQKm4GRw%2FPwaz0b3qQuPndWGHmOnCqBvK%2F8GNimwtIlVt8W21mmJ4%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d4fc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 where-to-configure-applications-that-appears-in-account-activedirectory-windowsazure-com-portal.jpg
pays-tarusate.org/content/azure/ 153 KB
153 KB 284ms
274ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/azure/where-to-configure-applications-that-appears-in-account-activedirectory-windowsazure-com-portal.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a1e2fb5623aa809a06ea64ad7141c9d5ed31ebc14338e02ee7d0565cd37f30

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 156256
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "26260-5b47b2b267749"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24gQHMTya8jrhAOi%2FZcgetDBTVMFabvQtDpNvkIcmkqlxQeOdUIbkhnHyxPMDlfL%2BMIRQr3WM5wqhLDUexhhVVpKdgEXRNRJlIiYzG%2Bvg%2BpaQ6WUq6yNRyTIxr1NRvNMz2F%2BnRIkTKISvNlmwCZicA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d50c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 what-is-the-irvine32-library-and-why-do-we-use-it
pays-tarusate.org/content/assembly/ 27 KB
27 KB 287ms
276ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/assembly/what-is-the-irvine32-library-and-why-do-we-use-it
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed1acb139a24ffe99660c99a869c45fe7c4a6b8a027eb610ef35aa638cbfcc48

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "6b6a-5b47b2b235a64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ayC9oLIA6WGNCNXOduJZdY%2F0kYyOIzWTuwwbEd6dSK4It35n0C1pShbtmtj2Hj3c7c%2BiQoKhRH1yZG8hgYFJz%2BIvf6t9a6AhDnpnD9eOkJM7y0f4qJKlFQHgSBDI1was60iptAP9zDqAxoPfQx6sw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 671869fe9d51c2d1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27498
expires: Tue, 27 Jul 2021 01:28:39 GMT

GET
H3-29 200 how-to-disable-application-popup-after-a-crash-and-enable-the-crash-dumps.png
pays-tarusate.org/content/registry/ 360 KB
361 KB 288ms
278ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/registry/how-to-disable-application-popup-after-a-crash-and-enable-the-crash-dumps.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909da6bb7435e1ba21704f44f8b1fff95e58534b4d97f33eaa99f5fdc14a4911

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 368632
last-modified: Thu, 19 Nov 2020 20:00:00 GMT
server: cloudflare
etag: "59ff8-5b47b2c4f9768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyIFArkOVlMP4BLVkiYUmgjBn%2FeFqvwXVUSD70xbpPXbL50%2FtMwOcN3RDyCbuKWp%2BDSjjMKzBZPu6IH7ODKx0f7T3n6TR84ZOvOArHvD3DYwQYmCs4UeeQ0A%2BWfhY59OXnoS23k3eDh98Nj9GXG5TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d52c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 visual-studio-express-2013-add-reference-to-microsoft-sqlserver-dts-runtime.png
pays-tarusate.org/content/ssis/ 186 KB
187 KB 299ms
289ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/ssis/visual-studio-express-2013-add-reference-to-microsoft-sqlserver-dts-runtime.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 652ab2dac5b732224b0a7a3659e11568550afac74caf1842b900de7cbfce80d8

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 190543
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "2e84f-5b47b2c69a76d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7MWe%2BIrNvn3Vb8%2FVWvuftiljV21gobONGiacbVxFTUR2QrkejovR5rv5jFSa2iWj%2FuV05vn0NfRE%2FQRMoLnu1obZz%2BK0SeS1J70Mt%2FXOqeniOT3Nzy2Gtm0OHV1oKkYbbYZtmc55G8KVxSAKAZgcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d53c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 assignin-evalin-into-matlab-variable-struct-1.png
pays-tarusate.org/content/assignin/ 10 KB
11 KB 304ms
294ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/assignin/assignin-evalin-into-matlab-variable-struct-1.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f606fd57952725dd4de9849ff3041391ec94ad23e819a16f935eef104d3205

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10542
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "292e-5b47b2b2398e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gQHtjeQy88AwyCvHLhjqQNEl%2FIbd03xclfAMxTxA3DFdYXpIlARjSrAxmJHr5TaYbThshpPWtOWDurbUkB3ctN4GRd0dQftgQvhPMXnEsuqABzVnKupo5D4f5BVlVBA692ZTjc4Nq5m2sKIFUg6Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d54c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 mysql-1364-field-column_name-doesnt-have-a-default-value-cant-insert-into-db.jpg
pays-tarusate.org/content/mysql/ 44 KB
45 KB 305ms
294ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/mysql/mysql-1364-field-column_name-doesnt-have-a-default-value-cant-insert-into-db.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db255dc93f3295e7f89fc0318240bf3ba511286eeaf21fe3b4be5b844cfc2df

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 44997
last-modified: Thu, 19 Nov 2020 19:59:56 GMT
server: cloudflare
etag: "afc5-5b47b2c0762a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Fxi1QXcqfCQCCs28aXaPO0Tu6VWTNT4mu5CyCPVGgwciwgFqBnRWon%2B3Yz2PBWH5fUs7LkHw38BtQV%2FzXah9BGKKKrVJ4m%2Bo%2FgIU8O6lngqUDTbu1S9%2FFr%2BzxYfCRFg68e2yh%2BKWBSq3ZFru5FLbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d55c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 pandas-rename-axis-in-df.jpg
pays-tarusate.org/content/python/ 31 KB
31 KB 306ms
296ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/python/pandas-rename-axis-in-df.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f085e12ab04a1c2b2976b6e4e129f14120ad62056b66f7fa728607900452b2af

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31482
last-modified: Thu, 19 Nov 2020 19:59:58 GMT
server: cloudflare
etag: "7afa-5b47b2c2b9476"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c96CLYKyymKgC%2F38uZweI8%2F%2FxNa4qjy1yGsHYcGoVzmKsCcQ2ZBBjl6DER3PrJHER%2BWx7HmJ9XH8T2XPtsL7qELe9FYlcqaLzqXRmJ1F4Ideg%2Bxg5mpuo4sYqX9ggXduyoxrV9wl%2BHPX%2FUv3fiH7Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d56c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 insert-multiple-rows-sql-teradata.jpg
pays-tarusate.org/content/insert/ 34 KB
35 KB 308ms
297ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/insert/insert-multiple-rows-sql-teradata.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633b675ee23b3530a972d913b1c179bc230ce6375a448eff99c9ef673b33031d

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34969
last-modified: Thu, 19 Nov 2020 19:59:51 GMT
server: cloudflare
etag: "8899-5b47b2bb9de77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqcc9W%2FfiC3k5KCEmAbnj49OOGdBpkDgTQfZJ1pgmnDidwZWCE%2Bwg54SaJuybwrCW5AmmdZLz3H0jcYqFKjCAts8bGm0YN6bN7ZY6DR9Q2nGnNLJuOgjoT6J6g7MvRcmRVe7nS6ESLd4sb6AP51d7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d57c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 semilogarithmic-plot-semilogy-ignores-zeros-in-matlab-2.png
pays-tarusate.org/content/semilogarithmic/ 79 KB
80 KB 309ms
298ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/semilogarithmic/semilogarithmic-plot-semilogy-ignores-zeros-in-matlab-2.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 346997cc94cacdcf302a675edb1cd0aad4b855722bc267998134a4875f5d8324

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 81030
last-modified: Thu, 19 Nov 2020 20:00:01 GMT
server: cloudflare
etag: "13c86-5b47b2c5a74b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe6PKZq878LKVNdFttJ2uxW7hEgmRr04pc9q46DyQ0Xi0ciPCgsoLQ02t6Bij9%2Fx9BYsYYIK8%2FDGLe7IjrWNsFr5KZZlsHQiRk6U%2BxIGrTirohyrNL%2BRbD4rbhMTKHQqVJNc1iEhxu6wBbmz3TwaCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d59c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 opengl-es-android-matrix-transformations.png
pays-tarusate.org/content/opengl/ 100 KB
100 KB 310ms
300ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/opengl/opengl-es-android-matrix-transformations.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c236d2a6cf7f94e183456e0a20212fbd2086042a52cf5567272acad36affcb78

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 102132
last-modified: Thu, 19 Nov 2020 19:59:56 GMT
server: cloudflare
etag: "18ef4-5b47b2c0f136e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od4WArEUVZS2ArmrHBFF4VRYNdv%2BG8gfw4LdUCa5HhbLMTfUdXwx8WVlaloI%2BVG%2BxIY6Y%2B8acLGYISuO%2B2zNVHQPpxnQ73nlJLOIyNHc9%2F7%2FWU%2FCYgCRNhf%2FFWEJl%2BiPgetSTJQrsxwO8nySkHoxDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d5ac2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 official-way-to-use-the-new-keyboard-click-sounds-in-ios-10.jpg
pays-tarusate.org/content/swift/ 58 KB
59 KB 313ms
303ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/swift/official-way-to-use-the-new-keyboard-click-sounds-in-ios-10.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba162af33a8b0542a0ea185d33ca05cb3777256dce5b667c7651faf7b3c3c892

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 59306
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "e7aa-5b47b2c6d4152"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUTsVzSjpEodoPBIlTXyrgnIp3RhlqfHS3tS3%2BPNjACe%2F7Q%2FPkl7khmXndgHrH21LpIbjictapKQVvAytTEDfowG6HlHdSeijS2fU0dDI3oQj%2BoqgG3oVmhjKt5qJrEzNRQeLP%2FecdH5ui7nPnGoHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d5cc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 algorithm-for-max-distance-in-elements.jpg
pays-tarusate.org/content/algorithm/ 93 KB
94 KB 314ms
304ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/algorithm/algorithm-for-max-distance-in-elements.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e6ee494557902a5ba9397c57d2e1d6e01faf0c0063c4715884dd3867ddcf43

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 95356
last-modified: Thu, 19 Nov 2020 20:00:13 GMT
server: cloudflare
etag: "1747c-5b47b2d0ffa75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVY%2FQ70Em%2FQXH5Etk8jKIXhkJsZayIJwQeO1KZAqBaMja0psZ2TUtf3tjev4Ocv7flPRN7eU9FONQ5%2Ba1cY5sxSuMKQdSVDxUkxyAfdZxt07iCjch6ALilHH7IQj5LGyV0GbWncYtmCquRii6%2BZKSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d5dc2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 how-can-i-write-mathematics-model-in-beamer-latex.jpg
pays-tarusate.org/content/how/ 98 KB
98 KB 316ms
306ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-can-i-write-mathematics-model-in-beamer-latex.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71cb6bbfac96f25cc46c7109ad79d54493f7c9c74f5d702d71662ff5e8c8d2a6

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 99946
last-modified: Thu, 19 Nov 2020 19:59:48 GMT
server: cloudflare
etag: "1866a-5b47b2b908c1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9xsshc%2B6pPqx7oyvqGpmASLxZzSLgN9TaFVMPNfFBR8RvURW%2FAOGJ39ujD7U2z9hYmtvTTYchVMWMYUOigPc1KZSO1IYGqtmlJy30f55BiTgrimSp7aatnJq9XYcEC2m7azfYDN2H0qLXZ3O6YOKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d5ec2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 make-blend-modes-in-svg-actually-work-2.png
pays-tarusate.org/content/shape/ 59 KB
60 KB 319ms
309ms Image
image/png 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/shape/make-blend-modes-in-svg-actually-work-2.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2abc6cc78e54c06172a9ed8084f7663ee3b7364e64cd1c640b007e9f385e7bf7

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 60853
last-modified: Thu, 19 Nov 2020 20:00:01 GMT
server: cloudflare
etag: "edb5-5b47b2c5c39da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9SPHeLP1Blj2%2B41KvBzxcDsqBiB9j60pH2XMPA41cS2xHFssqcwXMDs%2FTUNh6RW2yOPe4s22cWTcYxaUvCOpvCZ6XmHTJ3J2KBiBt0Jl8FvKqW%2FtCIbD%2FhK48dnzkpZJew7vuzURH2GXBqkiEm8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d60c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 menu-not-showing-up-on-mobile-version.jpg
pays-tarusate.org/content/javascript/ 79 KB
79 KB 320ms
309ms Image
image/jpeg 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/javascript/menu-not-showing-up-on-mobile-version.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af396bd36d349005a0c9aa09bd60cd669d2d9d2c898472c3f31541fdb82c3cd2

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 80728
last-modified: Thu, 19 Nov 2020 19:59:53 GMT
server: cloudflare
etag: "13b58-5b47b2bd83441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1qDtidcLwfTwPp1T0INitkVe6RS6CjBL%2Bz%2F1C%2BuxXt2Vrzw7UrItT8SzSSXn7GzCNzn5n%2BJwfrZWAOI0XaUFtiZfIRn595ixukMVNGSTNH6P%2BaZm6t%2Fj0AYqh56P5%2FN%2BwwqFHDwAjix0WRj2y4mzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 671869fe9d61c2d1-FRA
expires: Wed, 20 Jul 2022 01:28:39 GMT

GET
H3-29 200 email-decode.min.js Show response
ja.pays-tarusate.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
12ms Script
application/javascript 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.pays-tarusate.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ja.pays-tarusate.org
referer: https://ja.pays-tarusate.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b632093090000c2d102a5f000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1UdhKsQ4w4FK%2Bw%2BEgWLeWuR9hA71uEEOvM%2FwBJe8%2BrmbSp3vffhPtvHltQsLb3f%2BaO2PprWmxDnAprwlMAO1jHw2mXkgun%2B8I4Y2moxQI8hTwoiXf3Bt05pRuVjHAEWpY6GAFTvjIIwwN%2BT59Gp6gaxcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 671869fe7d06c2d1-FRA
expires: Thu, 22 Jul 2021 01:28:39 GMT

GET
H2 200 general_style.css
pays-tarusate.org/template/pays-tarusate/css/ 4 KB
951 B 28ms
13ms Stylesheet
text/css 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9940a1698476f6f9aa2a8ca09e88666263154aa86a72bf473947f0f09793b

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1099202
cf-polished: origSize=5657
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"1619-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXjhjma2cZzg9%2Bf3EaWUTVhTj8NVXplBmIm2gQVqAnfj10ZHvUZNI0Uv%2F79STAxK8S1rvFB4WFsI1mY2LWi0dhuEGoNytNmeMvc4kQyOkcR0OaTGjYv7AHPg%2BECt11q%2B%2FWTkPdpAehBtvHWkoOsShA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671869fe7fa34ec1-FRA
expires: Wed, 21 Jul 2021 08:08:37 GMT

GET
H2 200 main_style.css
pays-tarusate.org/template/pays-tarusate/css/ 28 KB
5 KB 32ms
17ms Stylesheet
text/css 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/main_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7843eb6f53c01e1a367592f612780f02ceea172368acf5266f618e94848247e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1068578
cf-polished: origSize=34819
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"8803-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaNt9ejYEC9Y6HkGW2T%2BZ2q1ctJqyDyI6yxbavlr9Sbl8Qeqt9ZmkeiW3JbPk3NOCQ%2BcTM2Huluy4I7FNbY3cF5YNus5Dx4r%2BIQatyhlbU1aQib%2B%2BgnzBs3rpYnJEQOpE1BmXHXQG70ATeh0Q28Gew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671869fe7faa4ec1-FRA
expires: Wed, 21 Jul 2021 16:39:01 GMT

GET
H2 200 reset_style.css
pays-tarusate.org/template/pays-tarusate/css/ 662 B
645 B 27ms
12ms Stylesheet
text/css 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/reset_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353b2e68c0aeefe645d21343a30f43420cf68526a44536b90ffff8d48539a2db

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1068578
cf-polished: origSize=849
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"351-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVmtMrwg6gHMZgyX%2BaaF7X%2F3SJHDzYLxgu0%2BkLeUyswnjmycZ15UrIMw8H733itRu9H7VzHqOm6ndm4Ue8BWkzO7uh9h%2BMSBGUhpjlHKKQZsQA7RVhk2ueNTRgtAj8%2BIiFCV64M9bGyPrCNwJV8nyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671869fe7fa94ec1-FRA
expires: Wed, 21 Jul 2021 16:39:01 GMT

GET
H2 200 font-awesome.min.css
pays-tarusate.org/template/pays-tarusate/css/ 30 KB
7 KB 31ms
16ms Stylesheet
text/css 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/font-awesome.min.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f6ec9192f604e9bec7a38f4d2b2ad5e81184c05a5395d131de6c7129f9f1314

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1008024
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"789c-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=issSrUJWl3mJUVLLF33Ul8dvqlnei8IkzmPvdxd5aWxYR6WcdO%2FYNF68cvsNaY6N7GLKKeQgZ9K07O%2FK5%2BWzyA2HwIpp4Mpgf3gPVCPa%2BM9laf10yrbJsIWuQFWnB%2BtfGU7al4wO0VHnze6EznV5gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671869fe7fa84ec1-FRA
expires: Thu, 22 Jul 2021 09:28:15 GMT

GET
H2 200 adv.css
pays-tarusate.org/template/pays-tarusate/css/ 61 KB
42 KB 29ms
14ms Stylesheet
text/css 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/adv.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 833492
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 17:45:24 GMT
server: cloudflare
etag: W/"f5d7-5bd46592ababf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovm6y6%2BitZgi4j1LDLxHt7L0egxTudXu92Nhau1BwsA6EtE0QQQPGFLY1UooAv%2BO0J7%2F%2FQmyLp7pxlOcZr0CZ%2BucpnPfqdzo03HLUeS%2F%2FmZg2dBwSQoHt5ruK4%2FfhnaQPAUl2Y0f3wpqq5qJ%2F7djlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671869fe7fa74ec1-FRA
expires: Sat, 24 Jul 2021 09:57:07 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 95 KB
35 KB 34ms
19ms Script
application/javascript 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery-1.12.4.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 128427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"17b8b-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v0n86vSS2uNMKCEqqkpymZz9LkHqTQDCg4sPep1ouhFDUNvRRZ2t4NQi1wpYQOQVl7M3L1gOvgCVrY0LDDVt56x6ACa81QEDwn%2FlTmu3kwSvHLm38ZTlfbhqbv%2Bbpv21m18s2JE9HadYw60Hfvo7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671869fe7fa64ec1-FRA
expires: Sun, 01 Aug 2021 13:48:12 GMT

GET
H3-29 200 script.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 4 KB
2 KB 26ms
18ms Script
application/javascript 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/script.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c9c13f7373cddd250356f30473709aeae3cdc2d56a5afdeb113b3033c33ea2

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 833492
cf-polished: origSize=5177
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"1439-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdTA00YAk6QA17IodcFlXJjB%2B6aBHuzSpTyXKvAgvUfa1XciL63lKUH5mLgu21W2gUnWTBQUGcBe94cEjdQutJq3rhvVh2%2FECptJluh1ZgFQvRuYFa23b%2BIVZgD%2BScVim9U%2FfVGRfy8t%2FLX%2BpEmjUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671869fe9d23c2d1-FRA
expires: Sat, 24 Jul 2021 09:57:07 GMT

GET
H3-29 200 jquery.zoom.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 4 KB
2 KB 27ms
19ms Script
application/javascript 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery.zoom.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbac863d2fb5589d11c75ddf028189eb39d22ec3496440cbbdf2b4ce7fe82d53

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 833492
cf-polished: origSize=5948
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 25 Apr 2018 18:00:00 GMT
server: cloudflare
etag: W/"173c-56ab00a1cc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDid8EuktUirnpyW1uWUvmtReDqujw2lfXITxARy30RHeQs4GzL0e0EX0ewDKwyo5gWS%2FqGEIFh0HP4zqU%2FEBn9%2FVww75pfNRlK%2BgwE9bWWr1%2FgFnG74wEHJaG9xHGhlTq4zkOJ9MlvjCRWq4tzNSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671869fe9d25c2d1-FRA
expires: Sat, 24 Jul 2021 09:57:07 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 24ms
5ms Stylesheet
text/css 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 12930
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1299
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by: cache-fra19164-FRA
date: Tue, 20 Jul 2021 01:28:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 25ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25648
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6756
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by: cache-fra19164-FRA
date: Tue, 20 Jul 2021 01:28:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 59 KB
60 KB 105ms
19ms Script
text/plain 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a33f0dff45ec00a74d89c8c07a2dd118b32b6e09e76f1286a0496fa3f7a50a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:28:39 GMT
Connection: Keep-Alive
Last-Modified: Mon, 05 Jul 2021 13:26:07 GMT
x-amz-meta-s3cmd-attrs: atime:1625491551/ctime:1625491551/gid:0/gname:root/md5:5de93a180df83ffef4bb6a1b8e4202e7/mode:33188/mtime:1625490829/uid:0/uname:root
x-amz-request-id: tx00000000000000087b60a-0060f62556-1445cb7b-fra1a
etag: "5de93a180df83ffef4bb6a1b8e4202e7"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1626744519.dop026.lo4.t,1626744519.cds078.lo4.shn,1626744519.cds078.lo4.c
Content-Type: text/plain
Cache-Control: max-age=3231
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60430

GET
H2 200 / Show response
load02.biz/ 20 KB
20 KB 89ms
23ms Script
application/javascript 143.198.248.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.64 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bc517d73155620e31d3c4ed028b32e51aa292a842adaaa64c509dc6988a55017

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:28:39 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 38ms
7ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2016 19:11:56 GMT
server: nginx
etag: W/"56cb5d7c-14e7e"
vary: Accept-Encoding
x-hw: 1626744519.dop226.fr8.t,1626744519.cds239.fr8.hn,1626744519.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H3-29 200 jquery.unveil2.min.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 3 KB
2 KB 32ms
23ms Script
application/javascript 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery.unveil2.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 585269
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 18 Dec 2017 18:00:00 GMT
server: cloudflare
etag: W/"b2e-560a11e6cc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGBt4%2Fnn5RiDhug9d%2FFY8ZTSEe1Ysay8%2FLzbTY9QVpGvftfFg5uNEwgojv%2FJP%2B5YXSNezBZxiwnSXz3hJCIw0oo4%2B5ub1lHKGd7m2c94uGJF%2FHy2xcM2v5zuX0dRB%2Bl%2FJm2ktXdTfu2H%2F5filTGlZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 671869fe9d26c2d1-FRA
expires: Tue, 27 Jul 2021 06:54:10 GMT

GET
H3-29 200 css.css
pays-tarusate.org/template/pays-tarusate/css/ 24 KB
2 KB 236ms
233ms Stylesheet
text/css 2606:4700:3035::6815:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/css.css
Requested by: Host: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 173649a681fd076c6a1564df9b0a423ea7d401d8e982950feeeb9b0d1ff1f1d7

Request headers

Referer: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 383094
cf-polished: origSize=30154
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"75ca-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B09tFob87HwNHPf0POijOfRyKNnjacpPGxbzqtwykCuxLwxHuusVzZemzP4ioPVFC6TDBXLvS8a4bufNCeGaLd4z7gwrgonbH7eSYXDANQXB5lIAg7X81seOF8wexfShHOA99vl4CBaOgQ6RjQehHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 671869ff1dbbc2d1-FRA
expires: Thu, 29 Jul 2021 15:03:45 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
230 B 17ms
16ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744520.548853,VS0,VE1
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-cdg20765-CDG
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Tue, 20 Jul 2021 01:28:39 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 1

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
368 B 213ms
212ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.pays-tarusate.org/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-cdg20765-CDG
server: Google Frontend
x-timer: S1626744520.621118,VS0,VE197
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: a0aec6fd5bf8f337c4fb49e03ef26ec9
cache-control: max-age=3600,public
function-execution-id: sxyhydz6fkp9
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
x-cache-hits: 0

GET
H2 200 51pb.json Show response
newrrb.bid/ 49 B
227 B 130ms
39ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json?stat=%5B%7B%22t%22%3A%22start%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A98%7D%5D&url=&v=2.2.3-c5cc624&r=hwp1ey70ko&referrer=
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: d4941d50333db4a482b943bd44c060c64805c19f41955da66b65bb4e78d8a96e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
server: cloudflare-nginx
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json

GET
H2 200 51pb.json Show response
newrrb.bid/ 48 B
225 B 35ms
35ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json?stat=%5B%7B%22t%22%3A%22loaded%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A300%7D%5D&url=https%3A%2F%2Fja.pays-tarusate.org%2F&v=2.2.3-c5cc624&r=hwp1ey70ko&referrer=http%3A%2F%2Fno.domain%2F
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: 7e4e2039856b2fbe37417afba4863ed0471ab0b75f03c1489c22eba993460746

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: br
server: cloudflare-nginx
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/;0.8789351290187086
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/;0.8789351290187086

43 B
528 B

45ms
45ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/;0.8789351290187086

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:28:40 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 19 Jul 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:28:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/;0.8789351290187086
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 19 Jul 2020 21:00:00 GMT

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 242 B
352 B 52ms
16ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9126834120804b4123a5239704a7673e4a9b121611f9446b0767f085d412411e

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:28:39 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

639246a7d44a3314ddd757075b81734b6dc88e0dbff488daff7c3090b5064d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48357
x-xss-protection: 0
server: cafe
etag: 11450230260825320399
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:28:39 GMT

GET If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET 0QIvMX1D_JOuMwr7Iw.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOlCnqEu92Fr1MmSU5fBBc4.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET fontawesome-webfont.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 148ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:40 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 10:21:03 GMT
etag: "60ec4755-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Tue, 20 Jul 2021 02:28:40 GMT

GET fontawesome-webfont.woff
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET fontawesome-webfont.ttf
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 179 B
387 B 34ms
17ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:40 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 67186a04a8ce323c-FRA

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 01A6 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 04:16:37 GMT
expires: Mon, 02 Aug 2021 04:16:37 GMT
content-type: text/html; charset=ISO-8859-7
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 76323
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 25ms
7ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:40 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 20 Jul 2021 02:28:40 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9339.BDn7kc2ozeHx08vCj8nc3o68O6j-uJWfOgJDgAN60xw3uB6xrniMZf1jmCcIZfmM.EGfjLCNacQhoclNxHJIIyYXPdYM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9339.zKZd0ofy-dpBzuA78DIertdhfswyGwPHhJqiMsrG-c71GLPl1oEFvG16rxkBBKtimFteqK1yF-HfdgFR9CL9nw%2C%2C.U98PA_070XQtPb2EVgtrctjd-Y4%2C

75 B
75 B

55ms
55ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9339.zKZd0ofy-dpBzuA78DIertdhfswyGwPHhJqiMsrG-c71GLPl1oEFvG16rxkBBKtimFteqK1yF-HfdgFR9CL9nw%2C%2C.U98PA_070XQtPb2EVgtrctjd-Y4%2C

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:40 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9339.zKZd0ofy-dpBzuA78DIertdhfswyGwPHhJqiMsrG-c71GLPl1oEFvG16rxkBBKtimFteqK1yF-HfdgFR9CL9nw%2C%2C.U98PA_070XQtPb2EVgtrctjd-Y4%2C
date: Tue, 20 Jul 2021 01:28:40 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:40 GMT
last-modified: Thu, 15 Jul 2021 10:21:03 GMT
etag: "60ec4755-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Jul 2021 02:28:40 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 328ms
328ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744521.691354,VS0,VE313
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-cdg20765-CDG
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Tue, 20 Jul 2021 01:28:41 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/70769167/
Redirect Chain

https://mc.yandex.com/watch/70769167?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8...

316 B
398 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A98952980974%3Ahid%3A240979457%3Az%3A120%3Ai%3A20210720032840%3Aet%3A1626744520%3Ac%3A1%3Arn%3A805199556%3Au%3A162674452096198089%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744519318%3Ads%3A0%2C16%2C29%2C1%2C41%2C0%2C%2C519%2C6%2C%2C%2C%2C610%3Adsn%3A0%2C16%2C29%2C0%2C40%2C0%2C%2C522%2C6%2C%2C%2C%2C610%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744521%3At%3APays-tarusate%20-%20%E9%96%8B%E7%99%BA%E8%80%85%E3%81%AE%E3%81%9F%E3%82%81%E3%81%AE%E5%A0%B4%E6%89%80

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d821ea6c9065cc2ee05ca3bae4eb7ba915ee20318187c2f821d46479ef244eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 20-Jul-2021 01:28:40 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:40 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:40 GMT
last-modified: Tue, 20-Jul-2021 01:28:40 GMT
location: /watch/70769167/1?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A98952980974%3Ahid%3A240979457%3Az%3A120%3Ai%3A20210720032840%3Aet%3A1626744520%3Ac%3A1%3Arn%3A805199556%3Au%3A162674452096198089%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626744519318%3Ads%3A0%2C16%2C29%2C1%2C41%2C0%2C%2C519%2C6%2C%2C%2C%2C610%3Adsn%3A0%2C16%2C29%2C0%2C40%2C0%2C%2C522%2C6%2C%2C%2C%2C610%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626744521%3At%3APays-tarusate%20-%20%E9%96%8B%E7%99%BA%E8%80%85%E3%81%AE%E3%81%9F%E3%82%81%E3%81%AE%E5%A0%B4%E6%89%80
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:40 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 131ms
131ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 19 Jun 2021 15:44:43 GMT
x-timer: S1626744521.140421,VS0,VE116
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-cdg20765-CDG
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Tue, 20 Jul 2021 01:28:41 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 69 KB
24 KB 65ms
24ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

6e1f69d3b5f58ec2a8f716356eec3fcd84132ee1e16cef36b13c2e4ea9ba89f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 0 of 1000 / last-modified: 1626732543"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24181
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:41 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccbe1d5faf2711b2aeafde10dc31b04fb32d443f0d694a5cfdb610aef135d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 751 of 1000 / last-modified: 1626732643"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24907
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 59ms
54ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.06032840826246466

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.000178491825726379
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.000178491825726379

0
0

52ms
51ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.000178491825726379
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.000178491825726379
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 58ms
52ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.19040273657319084

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.2379940862078851
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.2379940862078851

0
0

49ms
49ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.2379940862078851
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.2379940862078851
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
83 B 55ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.3308373580194137

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.18670856737252972
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.18670856737252972

0
0

50ms
49ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.18670856737252972
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.18670856737252972
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
92 B 102ms
97ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.7414875115972219

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.09455989590941116
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.09455989590941116

0
0

56ms
55ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.09455989590941116
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.09455989590941116
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 57ms
52ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6373766135868988

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.0012994405257240604
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.0012994405257240604

0
0

51ms
51ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.0012994405257240604
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.0012994405257240604
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 54ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5670423663055515

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.82679008770763
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.82679008770763

0
0

52ms
52ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.82679008770763
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.82679008770763
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 54ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.22678611332392684

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.14499149073173734
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.14499149073173734

0
0

88ms
88ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.14499149073173734
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.14499149073173734
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 57ms
53ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.7061702584145102

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.44820469938088214
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.44820469938088214

0
0

49ms
48ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.44820469938088214
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.44820469938088214
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 105ms
101ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.04932835557252835

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.8312588414797137
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.8312588414797137

0
0

62ms
62ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.8312588414797137
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.8312588414797137
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 101ms
97ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.5679595033925962

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.6491437757694667
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6491437757694667

0
0

65ms
64ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6491437757694667
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6491437757694667
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 100ms
97ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.23773662023726372

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.7538586025437783
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7538586025437783

0
0

52ms
52ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7538586025437783
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7538586025437783
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 104ms
101ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6812200515026798

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.6755298106880085
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6755298106880085

0
0

56ms
56ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6755298106880085
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6755298106880085
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 107ms
104ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.20695885931344704

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.39341616498814
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.39341616498814

0
0

49ms
49ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.39341616498814
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.39341616498814
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 100ms
97ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.9812511599345846

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.6548530285758642
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6548530285758642

0
0

63ms
62ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6548530285758642
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.6548530285758642
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
92 B 103ms
101ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.31940149456532163

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.594056241927019
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.594056241927019

0
0

49ms
49ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.594056241927019
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.594056241927019
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 106ms
104ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.341777030689864

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.23360409294990347
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.23360409294990347

0
0

55ms
55ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.23360409294990347
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.23360409294990347
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 /
mc.yandex.ru/watch/56614870/SMRCP/ 43 B
71 B 105ms
103ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.23225504968846544

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/%22:%22%22}}}&r=0.7484865101355944
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7484865101355944

0
0

56ms
56ms

Image
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7484865101355944
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:41 GMT
last-modified: Tue, 20-Jul-2021 01:28:41 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F%22%3A%22%22%7D%7D%7D&r=0.7484865101355944
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 20-Jul-2021 01:28:41 GMT

GET
H2 200 pubads_impl_2021071502.js Show response
securepubads.g.doubleclick.net/gpt/ 330 KB
115 KB 30ms
29ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

acc5d1f40fa2e46ed40bec9c01d1463a630adbf627df4d7ee94e03563736635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 16:00:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117522
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
712 B 63ms
25ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.pays-tarusate.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

4a1c4179f503e7a42fac6e2bde3220a18857b775a512c9cd6c03eebc31109332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 2019ms
1996ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880928917280788&correlator=815835292783332&output=ldjh&impl=fif&eid=31060837%2C31061737%2C31061831%2C31061499%2C20211866&vrg=2021071502&ptt=17&gdpr_consent=CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4_overlay&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DPays%2520tarusate%2520Pays%2520tarusate%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1626744521&dt=1626744521604&dlt=1626744519409&idt=2124&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1345&adks=1736661757&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=608829577.1626744522&ga_sid=1626744522&ga_hid=2007834600&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e2b48ec19268e245164a31c01aff935182d6e870e4f4e1157c7ccc6ed6352e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11579
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 45ms
13ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
29 KB 1134ms
1111ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880928917280788&correlator=815835292783332&output=ldjh&impl=fif&eid=31060837%2C31061737%2C31061831%2C31061499%2C20211866&vrg=2021071502&ptt=17&gdpr_consent=CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DPays%2520tarusate%2520Pays%2520tarusate%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1626744521&dt=1626744521610&dlt=1626744519409&idt=2124&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=735&adks=374923694&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x-1&msz=1170x-1&ga_vid=608829577.1626744522&ga_sid=1626744522&ga_hid=2007834600&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3b1fe35c168b5338c79582dae3a4c71a918063ebbdf6003e62c43c02f8a0ee28

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMOtm8u_8PECFZWtewodc28LqQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13344403831178937607/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMOtm8u_8PECFZWtewodc28LqQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13344403831178937607/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29350
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 20 Jul 2021 01:28:42 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
12 KB 863ms
841ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880928917280788&correlator=815835292783332&output=ldjh&impl=fif&eid=31060837%2C31061737%2C31061831%2C31061499%2C20211866&vrg=2021071502&ptt=17&gdpr_consent=CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x90&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DPays%2520tarusate%2520Pays%2520tarusate%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1626744521&dt=1626744521612&dlt=1626744519409&idt=2124&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3028&adks=438599633&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=759x-1&msz=759x-1&ga_vid=608829577.1626744522&ga_sid=1626744522&ga_hid=2007834600&ga_fc=false&fws=4&ohw=779&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

4fc84ed94feb8a0f6777b201379478ae8d900718e1b9b2c80000e3cc0d737c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11798
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
8 KB 1744ms
1723ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880928917280788&correlator=815835292783332&output=ldjh&impl=fif&eid=31060837%2C31061737%2C31061831%2C31061499%2C20211866&vrg=2021071502&ptt=17&gdpr_consent=CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DPays%2520tarusate%2520Pays%2520tarusate%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1626744521&dt=1626744521614&dlt=1626744519409&idt=2124&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=1529&adks=110995058&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=329x-1&msz=329x-1&ga_vid=608829577.1626744522&ga_sid=1626744522&ga_hid=2007834600&ga_fc=false&fws=4&ohw=389&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

c57f35ee65733bf8fd546ff7688754d630eb2cca5f2f503644585c9b7d016fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8567
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 414ms
393ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880928917280788&correlator=815835292783332&output=ldjh&impl=fif&eid=31060837%2C31061737%2C31061831%2C31061499%2C20211866&vrg=2021071502&ptt=17&gdpr_consent=CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DPays%2520tarusate%2520Pays%2520tarusate%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1626744521&dt=1626744521615&dlt=1626744519409&idt=2124&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=2608&adks=3932626819&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=329x-1&msz=329x-1&ga_vid=608829577.1626744522&ga_sid=1626744522&ga_hid=2007834600&ga_fc=false&fws=4&ohw=389&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

364d114f753ed618f9562ff7c3ce1d040942a37bd8b8d94465f10cb987a006ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11693
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 2352ms
2331ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1880928917280788&correlator=815835292783332&output=ldjh&impl=fif&eid=31060837%2C31061737%2C31061831%2C31061499%2C20211866&vrg=2021071502&ptt=17&gdpr_consent=CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id4&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250&cust_params=site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_hash%3D%26keywords%3DPays%2520tarusate%2520Pays%2520tarusate%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1626744521&dt=1626744521617&dlt=1626744519409&idt=2124&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=4104&adks=2453291229&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.pays-tarusate.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=608829577.1626744522&ga_sid=1626744522&ga_hid=2007834600&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef2e76fc55046532f092ff9133aef18ba989f16c219c67902cc5ccb1ce679ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5134
x-xss-protection: 0
google-lineitem-id: 5343082272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308219595
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame DF57 188 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame DF57 13 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame DF57 87 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame DF57 71 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b05480813bd9b7e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame DF57 4 KB
2 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame DF57 40 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 01:12:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:53 GMT

GET
DATA 200
OK truncated
/ Frame DF57 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bf6bbf6e7bb60d84519cf6afe9d58e1a6a709b6a8a18175194f1e93b8258e22

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF57 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 26748
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 20 Jul 2021 18:02:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF57 344 B
618 B 7ms
5ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 10097
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:40:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF57 0
0 18ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaST5NdiLromorgMte448lExvHoq5alqXriSLuZdXUFxfL3-kuqGU3Hs-3LDU4IrzMiFdGKLkBVH10zY6K6dopOBWgrfgg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF57 0
0 54ms
53ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkrIyySb2YIOAKqWox_AP0M68yA6t143TY7bHvKb1DcWArImIIBABIIbhhSpglfrwgYwHoAHpxaqdAsgBCakCOsJKyjXLsz7gAgCoAwHIAwiqBPMBT9DCft3O0ImqzcUV7Zq5-lz6HmEeeNWSSM3fuIgN0RSrkDjj42vtCmF1MGDCA_Rijn4324WyIsRG6xsSfu1oZSiHQzeWvaFh__r8PXy1ybDjQW_A5uXqlk_M0vOsdtkk2y14f2RJKKu0WSIKWduw_19OqrcoB7Cr9nQgjKxxu8_wDvE9rOLOEp3rhQL41xK8kMIGD6iW6mOAxMa3HJ233EA3S3lz_OY46cNwYXPQarnTS5HtB45RhZEwNG7OhwJz1y5XHVgQxpH_fTss5ZM9vBdYuV-puZ4lf5_RwmIeBC88akwyQRdRNTTWmYIFb1vjtlauwASs5YmnlQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_7nV4gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQmJYM0ggJCIjhgBAQARgdgAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=xljkqa5BAVE&template_id=419
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 bg.jpg
tpc.googlesyndication.com/sadbundle/14675056242444699013/ Frame DF57 63 KB
64 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14675056242444699013/bg.jpg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294337b5cc03e33a5bb8f0b1cba08cdeae64798147777ddabcea5b00da1389be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 03:20:32 GMT
x-content-type-options: nosniff
age: 598090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64977
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:14:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 03:20:32 GMT

GET
H2 200 sale.svg
tpc.googlesyndication.com/sadbundle/14675056242444699013/ Frame DF57 3 KB
2 KB 8ms
6ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14675056242444699013/sale.svg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd49c40d80e9ca8f78017b959a1ad0d33cb4184bf4b965099a63f18e687b10e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1532
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:54 GMT

GET
H2 200 text.svg
tpc.googlesyndication.com/sadbundle/14675056242444699013/ Frame DF57 3 KB
1 KB 12ms
12ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14675056242444699013/text.svg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

225a7a7088363b0ac6c152aabfd0dc6f8c6bd8ac68ab8dd63c5718f0d05a8937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 04:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1264
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 04:47:17 GMT

GET
H2 200 headline.svg
tpc.googlesyndication.com/sadbundle/14675056242444699013/ Frame DF57 5 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14675056242444699013/headline.svg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a88a8f80d8f3e66c12c032e36343443b8b9fd172d22e48cfc84c9a5e12cbee74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 03:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2263
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 03:35:13 GMT

GET
H2 200 cta.svg
tpc.googlesyndication.com/sadbundle/14675056242444699013/ Frame DF57 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14675056242444699013/cta.svg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee153ac22d6b749db801ac2665b79d0c3823e2a87f534e2f237f94c0598ae452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 08:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 985
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 08:28:07 GMT

GET
H2 200 logo.svg
tpc.googlesyndication.com/sadbundle/14675056242444699013/ Frame DF57 8 KB
4 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14675056242444699013/logo.svg

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9f2060fc2fcc1792664c9cbe6c03f819fbf89cb3f5e33e3c702a17597853cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20140
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3504
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 19:53:02 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071502&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41912beaae613ca633878422f65e3da6d9865d74a468a8cb917603e9eda2a084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8499
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C366 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9993 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2c08b039eb547e587cb261a72c0ff23a3ef83d5612624dbc44c2b22ceec8fce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FwhmiFR1/fLl7jMJISUFZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:28:42 GMT
date: Tue, 20 Jul 2021 01:28:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FwhmiFR1/fLl7jMJISUFZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame C366 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071502&jk=1880928917280788&bg=!NDelN3PNAAZjFomlYxY7ACkAdvg8WqBfZEHaBe9eXD8hKcCPhcgGJSID1NUZc9ea1GlyDqHxHLbWdgIAAACbUgAAAAxoAQeZAontp417AuwucU_d-AzLymefuP7zuZQhUlIrAvjfRYAbdo80Vi-ED7lDgXdZNWd06CjC2TDLKg0s9Pn7yBny-eV3ooplsp9-gK5XAD1lXwoYR39BlLi3n29puta6aq3dPcQHuOYISrOJF0Thtep-JR-CatX96258j_6COkhH8Vpeo-kX1H35wIR94l1bRkPHBI_piddCCmaudmHv7uE7eRcn-cvv_NR_5_5NeTRyacO_5FT0XBMVsx-cJReSluFBaaXmx9MAOZpF-miv-vD_6ROJ1TeOxO6yLkiMBppa6n0aQbTiWQe9uFyBJpC04qezjjJE4M8lTWu18ZG93pgydTyBk9sPvuhUSfypbZJ2gfOYnryBjRBCVwbxhn4xSKVu4jFw4jYuGconFTfnLa1oaGn7TNyG33Bh4p-nU9zjThaHcneXfvMoGt2IAc4vHTnwOc-SfaaiQmQgPOdgwgDwZ6oAI9QEO1FBzoZfFAZoD8RZsz8kAcbNXltIopOozWuKoENO36CrVeMiDWyD4twmnWmRGxd6kHoOV_kxNZG1nDFyT8Cw6fTeeqnB_jqKBKyLB6tj2UnLLt2C6QdKDpN2I0G1aKG3NFxa5WiGgKKgobHm1b6S7WRC-qMIcLzX-HubI7l4DRg7R0BGP6JBf_VY3vIqcp3jKCDpZm_sltkKegcqQ8bs7PqC2hSyk2YQW7cakdcdRNeHAMfDkg6EFZAXIpem_ffDTwkRrZ_9NRsdCvaNT48JZypeajlWLLJ7RgFYxvHgj7KYTIeAp2xAYm0BXs5ThM4B2hTUrdzXa5I_m5sgQTA7_5-CwkAVsKpJ6x2DjFbllXk-wIZ2F0Qe7i2RR02AHx94-lO4feCC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 4646 188 KB
54 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4646 13 KB
5 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4646 87 KB
27 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4646 4 KB
2 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4646 40 KB
13 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 01:12:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:53 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4646 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 26748
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 20 Jul 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4646 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 10097
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:40:25 GMT

GET
DATA 200
OK truncated
/ Frame 4646 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 224b6ca2bc734f7043f8a26c305a29fb6b501495d8ffff86a7ad56fa48be84d4

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 5058683443461167931
tpc.googlesyndication.com/simgad/ Frame 4646 40 KB
40 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5058683443461167931?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkVXpfTlk4k5lWFVPkvJ5yZIiwJcQ

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3745f2e7dbf3de7c7e2c28590159fe6b6c7291ac75f39c82246661ff81634957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 09:20:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 08:52:49 GMT
server: sffe
age: 576501
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41346
x-xss-protection: 0
expires: Wed, 13 Jul 2022 09:20:21 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4646 0
0 53ms
52ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cyhdsyib2YMZc14LuA4zVregJpN-d3WPbiLiMjw7AjbcBEAEghuGFKmCV-vCBjAegAdGBmb4DyAEC4AIAqAMByAMIqgTvAU_QD2IeeIK_6VuBW-z-NK6nfiNYsNNJD2IiP3Ytdz9bljQRohvnL4vABcGrfxcgx0cHbuFLVKv2qsZDC7uuwDK9lqJUXCJo0nIQNXkWLiAnjxQpN3Pl8h037_5JwnwvGWREm1hOUUrXXSM-GvDyUnzx6aHIn3wJAtkIhI1ZshxCQQel41MjwlleYz652k91xWqrdPztY-0xirE32Y7Cr0xxbvRPyoNc4nAp8LsENqAfs-iwCZn1RcbR6ArAaw7ilXkEl9_SBCEucUDWUbNc2wf0pUXw567_d2DpECkWBPizKGPykcehDsjy6kkdlWyDwAT5vqbHyAPgBAGSBQQIBBgBkgUECAUYBKAGAoAH5b_IzgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzr8Q0ggJCIjhgBAQARgdgAoDyAsB2BMC0BUBgBcBshcaChgIABIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=zRrYsDwrPzE
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4646
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 20 Jul 2021 01:28:42 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 container.html Show response
6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 29A0 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 01:28:41 GMT
expires: Wed, 20 Jul 2022 01:28:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:42 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/ Frame 26F4 78 KB
19 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69954afb8a6f7cbf6b36c2fa4c6ba205d058ccbf2028ccf0285f3e10f6f47f89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13344403831178937607/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 17 Jul 2021 16:14:59 GMT
expires: Sun, 17 Jul 2022 16:14:59 GMT
last-modified: Thu, 11 Feb 2021 14:12:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19576
age: 206023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DAA2 0
0 53ms
53ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYbzLyib2YMOgHJXb7gPz3q3ICu7PoqpinLzdqvUMsJAfEAEghuGFKmCV-vCBjAegAbaeyqoByAEJqQI5Us9lG8yzPuACAKgDAcgDCKoE_AFP0OIFy7yRLDLzXF36nWL4G1HpbpEQtFh5gExT2YDXDi-0DUtbEVUCky-xqXjM0DFVQUKwd1lNbrGw7BijzTwWqWUMePGIvEaNRU22ztzbV7lmA3AhEOtEOwi72xrp4PCjyWcUTyUcp2OB6ACkfHhl9SNZjcmV0Rg5GzE-QyCX4nJQ1ZrjPyuHLdUT5zYz7DYCP5jbYh0fRvPRP4IgJnVGkx6dUFt_FIEpyJJ6JDyiBv5Y4LWXi9H5-J9cnIhqcKvxhrGEj9sXRrg-503LpMD-uOe6g1p8GeNBydvoCVfrJqX44NEgJZvOXO_aJQs2h0Ttasv4ztlpVmGRDabABOSUqLPsAuAEAZIFBAgEGAGSBQQIBRgEoAYugAezpu-aAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDY3BrSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=dhHEKC-lCU8&template_id=419
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame DAA2 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 00:53:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame DAA2 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAA2 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame DAA2 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DAA2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJLuRtdWcQsSYmX6WCJOSO41JCKREGfA7ELZ77bIraoHGZWUOI5w4R-M_Cf4TdI9NYNl0GEIM-P8-Tw_MfBGBtR9ooMQ
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A9F 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-py9_hVE4pG0xL_k6rbjrMYONWaJxqzzn13a4haycZ0TyIoAeWQUnUNq9RMo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Jul 2021 01:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 26F4 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 21 Jul 2021 01:12:52 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 26F4 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 20 Jul 2021 18:31:13 GMT

GET
DATA 200
OK truncated
/ Frame DAA2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ffe32b99e14df8f1acc65cf9dbecefd799116da531199de9381fef34459a9da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A9F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-py9_hVE4pG0xL_k6rbjrMYONWaJxqzzn13a4haycZ0TyIoAeWQUnUNq9RMo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 01:28:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 20-Jul-2021 02:28:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Jul 2021 01:28:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 01:28:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 728x90-TXT-ALL-DE.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/ Frame 26F4 3 KB
978 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/728x90-TXT-ALL-DE.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a7c5f3d5bdfc31b8cffb6544650a1fce7f0b616f1c29aa6db02353a29c6fc75

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 4144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 945
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 14:12:56 GMT
server: sffe
date: Tue, 20 Jul 2021 00:19:38 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 00:19:38 GMT

GET
H3-29 200 Button-TXT-DE.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/ Frame 26F4 2 KB
1 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/Button-TXT-DE.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc63e6ef52c1e2f0e5845b2e14bddb497238c0eca580e9441b8e8a776bf1f0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 12445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 14:12:56 GMT
server: sffe
date: Mon, 19 Jul 2021 22:01:17 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:17 GMT

GET
H3-29 200 bc-Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/ Frame 26F4 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/bc-Logo.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66c9937b0a2f4f0989d9e2d16cfca7a386b9f39ac61686fa9a770dedbb4fe07e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 592832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 14:12:56 GMT
server: sffe
date: Tue, 13 Jul 2021 04:48:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 04:48:10 GMT

GET
H3-29 200 728x90_GR.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/ Frame 26F4 30 KB
30 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13344403831178937607/728x90_GR.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1b59915e3f5f7a9e57d5c739c44ed7ae3601582ecb13b623345e21b24921a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 581398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30566
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 14:12:56 GMT
server: sffe
date: Tue, 13 Jul 2021 07:58:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 07:58:44 GMT

GET
H3-29 200 container.html Show response
6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1820 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 01:28:41 GMT
expires: Wed, 20 Jul 2022 01:28:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1820 0
0 54ms
53ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsVcxyib2YMSeLKay-gbDromYCsjE17lg7YLi1s0Mj6L9sokNEAEghuGFKmCV-vCBjAegAdKf05kDyAEJqQI9hd66kOZ-PuACAKgDAaoE8wFP0I8dYsWA3ch9sWvzGQ8NqpRPqC_rcrSQBtif0HH7m_93Mjx7XbG74QgyxT7Pbal6JkZZxh-lbI4OiTbzZdoRlFpAoc6SfouSnKBd647PL5kl-OGCETqWyY1lWvddfudFX4fLuCbKll8cU-Kw-9GH6sFT_4Fr4BPjH4vpjNYvHqE27EbSJYV2QuZlRwCaLcV_vs2Krx8SPa7iq4NCvgLRMev7vnKfjACAQ9PZ7q6t5B2mq6Qk0p2yUx_ybKEvjWGuiZH-XefsrUyPA8TtwhR4VimVWwfp03g_GBFtjMvZvJmI2_vjM7oBKKwDufQcGnKyI4bABO7B07rSAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYRgAfwtqsFqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJ_RBtIICQiI4YAQEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=h8ZDDENpnb8
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 5fad4ace46423319cfde3d77 Show response
c.bannerflow.net/a/ Frame 1820 50 KB
17 KB 75ms
57ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/5fad4ace46423319cfde3d77?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCANFzyib2YMSeLKay-gbDromYCsjE17lg7YLi1s0Mj6L9sokNEAEghuGFKmCV-vCBjAegAdKf05kDyAEJqQI9hd66kOZ-PuACAKgDAaoE9gFP0I8dYsWA3ch9sWvzGQ8NqpRPqC_rcrSQBtif0HH7m_93Mjx7XbG74QgyxT7Pbal6JkZZxh-lbI4OiTbzZdoRlFpAoc6SfouSnKBd647PL5kl-OGCETqWyY1lWvddfudFX4fLuCbKll8cU-Kw-9GH6sFT_4Fr4BPjH4vpjNYvHqE27EbSJYV2QuZlRwCaLcV_vs2Krx8SPa7iq4NCvgLRMev7vnKfjACAQ9PZ7q6t5B2mq6Qk0p2yUx_ybKEvjWGuiZH-XefsrUyPA8TtwhR4VimVWwfp03g_GBFtjMvZvJnK2fZxjQjZSgTbyFCMVNsKApzQnQjABO7B07rSAeAEAaAGEYAH8LarBagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbgMAdgTDdAVAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_159UaowKtUrbjU6VE6tGnGufWI0g%26client%3Dca-pub-6550413363602588%26adurl%3D&cb=2060494839
Requested by: Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44cda47d333f156b13de6f6a549cda8b9e7a4791e4fc06cbfbf728fcacf6965f

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 67186a175a55d6f9-FRA
link: <https://c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/published/242056/377775/preload.jpg>; rel=preload; as=image
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 1820 31 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 23:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12646
x-xss-protection: 0
server: cafe
etag: 18353003104956614534
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 23:22:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 1820 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1820 124 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 1820 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1820 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDfSVaSDHbuHMzEKVYV-DLnQj7PR4-18Juh0I1HNr2XnFRvqg0VUUxwm2s3c8puBEm_bSAavcCuc40TIEgFOcFRnsxxw
Requested by: Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 1820 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 00:53:01 GMT

GET
DATA 200
OK truncated
/ Frame 1820 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e042e97b9b09b3ea268642857b7df81e7d6442d65b78258ae9cf50e4a4b847e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/published/242056/377775/ Frame 1820 58 KB
58 KB 12ms
12ms Image
image/jpeg 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/published/242056/377775/preload.jpg
Requested by: Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b502df2b6d7d152a96514aa79573ab88c5e110cbfde59a972fbf9ce435010805

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 01:28:43 GMT
cf-cache-status: HIT
age: 4038838
content-length: 59146
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 13:50:15 GMT
server: cloudflare
etag: 0x8D88BC8E10D6FFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 4cb7da34-a01e-0036-184a-586056000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67186a17aa84d6f9-FRA
cf-bgj: h2pri

POST
H2 200 pixel
c.bannerflow.net/tr/v2/ Frame 1820 0
74 B 22ms
21ms Ping
text/plain 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5fad4ace46423319cfde3d77?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCANFzyib2YMSeLKay-gbDromYCsjE17lg7YLi1s0Mj6L9sokNEAEghuGFKmCV-vCBjAegAdKf05kDyAEJqQI9hd66kOZ-PuACAKgDAaoE9gFP0I8dYsWA3ch9sWvzGQ8NqpRPqC_rcrSQBtif0HH7m_93Mjx7XbG74QgyxT7Pbal6JkZZxh-lbI4OiTbzZdoRlFpAoc6SfouSnKBd647PL5kl-OGCETqWyY1lWvddfudFX4fLuCbKll8cU-Kw-9GH6sFT_4Fr4BPjH4vpjNYvHqE27EbSJYV2QuZlRwCaLcV_vs2Krx8SPa7iq4NCvgLRMev7vnKfjACAQ9PZ7q6t5B2mq6Qk0p2yUx_ybKEvjWGuiZH-XefsrUyPA8TtwhR4VimVWwfp03g_GBFtjMvZvJnK2fZxjQjZSgTbyFCMVNsKApzQnQjABO7B07rSAeAEAaAGEYAH8LarBagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbgMAdgTDdAVAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_159UaowKtUrbjU6VE6tGnGufWI0g%26client%3Dca-pub-6550413363602588%26adurl%3D&cb=2060494839
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 67186a17ba95d6f9-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 5FBE 188 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 5FBE 13 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 5FBE 87 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 5FBE 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 5FBE 40 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Tue, 20 Jul 2021 01:12:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5FBE 3 KB
1 KB 34ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 01:08:08 GMT
server: ESF
date: Tue, 20 Jul 2021 01:28:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 01:28:43 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FBE 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 26749
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 20 Jul 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FBE 344 B
379 B 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 10098
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:40:25 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4476683797125167172/ Frame 5FBE 4 KB
4 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4476683797125167172/downsize_200k_v1?w=100&h=100

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10fb3278ae384f2ae5682486e831864750fe473eaa1b03f386e7fa049b6f9e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 22:00:04 GMT
x-content-type-options: nosniff
age: 98919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3881
x-xss-protection: 0
last-modified: Wed, 26 May 2021 06:24:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Jul 2022 22:00:04 GMT

GET
DATA 200
OK truncated
/ Frame 5FBE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ac95de531519116f922513de20ac02b3f9fa927d01d90371f3e8d4072fab9b

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5FBE 0
0 54ms
53ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClbqIyyb2YNOqFeO9x_APwIO48Amfkum-Yt-Ert26DsOFgqCuJRABIIbhhSpglfrwgYwHoAGjwYrFA8gBAakCFuxK2ltGsj7gAgCoAwGqBPUBT9CYkBeNS6toK5i2UnJ7awJ3CcrweGQ4VKDQJeTrYH0MjaXbPn07kFJkd9HXXUM3OUg8BRrHqbqW5XMRKvbeUEA0ApiIl8W7DUiQ9142FK7G72wPKV66MsWuy4-g4m8_YUEefFu8YalQdHfsf-ulMJBMAHrW5_jOR_v-kVlcnAX5rksRCbTqrU-qFTekekUgt0sQNh4HnoWE-u3RSXudGQSD1KsIOo21KHKkVQgCAY3VnB2GJIR_ZyHQc6GxQUqGutm6Jg3hFQHWgjYWq7S7lwZco0aO_gpmBNyo6L9_-U-5XeEwTna3qPlbBuNKuyPr7fIouy_ABIL0x6m3A-AEAZIFBAgEGAGSBQQIBRgEgAfFvvU6qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEIfZJdIICQiI4YAQEAEYHYAKA8gLAdgTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=En4lPlPxeoU&template_id=5001
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5FBE 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 601585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 02:22:18 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5FBE 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ja.pays-tarusate.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 560541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 13:46:22 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5FBE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 20 Jul 2021 01:28:43 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAA2 42 B
64 B 23ms
23ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-IVarLUA_Tu-5MOHxw1oFukLV9wVAJzyW4ihMijPiot976uU7t7TP2mqczXJ65VTi0yXlVSZwLQS0u-zKUyNrfwFWDJyFOmlE3gjMtbpWTH9DSzBS9vxhsZBPLe-V3X4oEZuMORCiWG-qGw1-fGUR&sai=AMfl-YSFEmg-rUVbXkzRU4IKeJ-g_wX2amGzvbbOa79P_8Zdz1eZhNT5_DX4hTTD24TwXL-DQtcEnAV1grYVfXPeraYCkKzKHRh7pp7puRL4WFKNe5P7DeC1a7qSHnLMcsO5&sig=Cg0ArKJSzCbnManeeQ7QEAE&id=lidar2&mcvt=1000&p=735,315,825,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=374923694&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626744522776&dlt=27&rpt=157&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B9F 0
0 27ms
27ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteqnKqyK8nU4m5FbSq0GUPXjGAbrWKLTShphCqLDejkFc1j4Gh-NrOqDOMt6l7FRrimnVMV8evnWEe4bdff80xOnaG0-c0XFLNWtgMooetReCP_F9fDrW9hlPAZOigUkxDxMd4IDMaQz16xnoE8WITt8-neg5oJZNHt6r-0MXrFAPZvEHOybqLcqsIH5jx7njlefgbRzTpIzAM6lX-TJWwxzwRg4w-Tiw0ugFse_FyCMwQui8gk2_ZHTeculO9tUIWDum7lq4lFOT7Mdo3Coqz0gz84BQ0tHAcXTpx646zQ62uXkaymNN0ZqwkwLu6_mf3AbWl3BvGFukGL2QmFO3L&sai=AMfl-YQ5Gf_zyVOJmaZlc2Fv-Ue7YLOYl3c0WBYnW5K741NdZcFqtNSJiwsGnaU8LtCHjhyj9mD-dAggjkjiD5Z_3RHHonJAkzaKuQp1l2W800zIsWlFlK6Sz9Dhf04qszxW&sig=Cg0ArKJSzJUYQxJRYqA-EAE&urlfix=1&adurl=

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1B9F 91 KB
33 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a6ff4eb898d750d8fc88acca033f1b861f597180031ab8d35c76f66ab78af17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33282
x-xss-protection: 0
server: cafe
etag: 11263036041242655670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:28:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B9F 124 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:43 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 1B9F 244 KB
90 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1&bust=exp%3D31061746

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 01:28:44 GMT

GET
DATA 200
OK truncated
/ Frame 1B9F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56de90b9ccd1a0e29103d46c1e9941008b5e322a69044867c8b214d63cd62dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1B9F 12 B
100 B 25ms
25ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.pays-tarusate.org&amaexp=1&bust=exp%3D31061746

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1B9F 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1B9F 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE0F 16 KB
7 KB 301ms
300ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59b02e4f9e7f1158bac62418d589f6ad058542d44dfab60314075145a57da1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-py9_hVE4pG0xL_k6rbjrMYONWaJxqzzn13a4haycZ0TyIoAeWQUnUNq9RMo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 01:28:44 GMT
server: cafe
content-length: 7159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B9F 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:44 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D678 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwyEazCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE1QFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutH5PuEbNV6G2aqWltB_ri769VSABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02NTUwNDEzMzYzNjAyNTg4&sigh=7jV90r-SmXc

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 01:28:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D678 0
0 30ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kg334qfz645ednbf4jkerygbwq7569efkk1hw68aywn9f6js8ke4sy03f87fq52v928kc158sbkqrbgngr7x0rm9f79rkd5jww3mredn772hcp4zk289wc92b7xq398cyp6b3pm8z10skasrwxenwy1vgtwvy0qtwr441gd1nkhv986xd4rntca88e88n88x826tktg114rah5cbf19fpzmfj29992hxt9x5wznnhvd2ama1sk4ezagz2hrbzbsedfzjasfgvrv5k1snrq2cqwfq28mc155tvwmddt5n4k1qfdjpsw6fbkwdckhrphzsbj6dwhfyxszad5k1y05hz5sy5mgag71ghge95773pepwvkwjp99m3bsrk6jcpw2580p8953t52f3nma&b=YPYmzAABjcEIu88gAA9g6utuALAiF_CTbwrIrw
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Jul 2021 01:28:44 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 31FB 2 KB
2 KB 43ms
23ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315da2026915dce35610144847ca4332f30a22fa13f413aef919e7a0bb00d542

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67186a1da89205c4-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame D678 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:18:33 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4AA6 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 80379
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D678 124 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:44 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame D678 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:08:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D678 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIZXjcyLEJ0d93qNUkFccgDnxvm-iTXzyOZq-IxvswVJZmaFC5zYNY7rlsQwOk_Fkt-_i66h8IY4V9a-MSzoPo7dyfew
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4AA6
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBzV4iTheP4nGPbbMyT2XVk&google_cver=1&google_push=AYg5qPIL0Z8o5nxfct9XhnIo7eqnapC051ZlJ0RKlDxYhH-0v2XRj0e0SCGKpvJSu3lBLhhm0g0pbjRgPTa1RFL_eiQUJJtEdmFZ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE3NDM4MzU4NzQ4NzE5MDAwOQ==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBzV4iTheP4nGPbbMyT2XVk&google_cver=1

43 B
407 B

40ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBzV4iTheP4nGPbbMyT2XVk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=zxsmrcp%2Fzxsmrcp_id4&adk=2537550037&adf=816031645&pi=t.ma~as.zxsmrcp%2Fzxsmrcp_id4&w=970&url=https%3A%2F%2Fja.pays-tarusate.org%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626744524006&bpp=9&bdt=29&idt=67&shv=r20210712&ptt=5&saldr=sa&cookie=ID%3Dd693496d200e1a39-226b183e81c80053%3AT%3D1626744521%3AS%3DALNI_MYiTxSzyETd1H_33fsnWQyl8VNfkw&correlator=5631465992892&frm=23&ife=4&pv=2&ga_vid=297597603.1626744524&ga_sid=1626744524&ga_hid=540342428&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=4104&biw=1600&bih=1200&isw=970&ish=250&ifk=3991788034&scr_x=0&scr_y=0&eid=31061746%2C20211866&oid=3&pvsid=4400074582002712&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5mufrefw8w9&btvi=1&fsb=1&dtd=83
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBzV4iTheP4nGPbbMyT2XVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4AA6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF5T526eHQuC6FaR2K9zvvE&google_cver=1&google_push=AYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF5T526eHQuC6FaR2K9zvvE&google_cver=1&google_push=AYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeG...

43 B
425 B

165ms
164ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF5T526eHQuC6FaR2K9zvvE&google_cver=1&google_push=AYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67186a1ecab9dfd7-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 555
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67186a1db9e0dfd7-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF5T526eHQuC6FaR2K9zvvE&google_cver=1&google_push=AYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKggJmJxQPEHAcKookA_mBW5UmxUMhiOykmyHibcXKVXERMFq3klpVCwX5k8LwZkvedm0Xn767hv28qzaVGw2nXd65fNeGm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4AA6
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPVE-58fBjuQRN_mPfI-hDM&google_cver=1&google_push=AYg5qPKsGmBHfG1n5wWI2jJc0PdOKZzSBKw3hQywPIFrIIe9YfXC3DhKBelBRVVwzjzxMBVOZ261OeQQD5FDo7az...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TDykMoagRpCcWgibFQ35sw2&google_push=AYg5qPKsGmBHfG1n5wWI2jJc0PdOKZzSBKw3hQywPIFrIIe9YfXC3DhKBelBRVVwzjzxMBVOZ261OeQQD5FDo7azCESqSBly4glR

170 B
188 B

50ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TDykMoagRpCcWgibFQ35sw2&google_push=AYg5qPKsGmBHfG1n5wWI2jJc0PdOKZzSBKw3hQywPIFrIIe9YfXC3DhKBelBRVVwzjzxMBVOZ261OeQQD5FDo7azCESqSBly4glR

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 01:28:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TDykMoagRpCcWgibFQ35sw2&google_push=AYg5qPKsGmBHfG1n5wWI2jJc0PdOKZzSBKw3hQywPIFrIIe9YfXC3DhKBelBRVVwzjzxMBVOZ261OeQQD5FDo7azCESqSBly4glR
x-host: tde-deliveryengine-production-7fc948674c-x28qn
alt-svc: clear
content-length: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 4AA6 43 B
422 B 37ms
13ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEEtnim_3OOZKSkZjHvsCa34&google_cver=1&google_push=AYg5qPLfzzVqUx4DnFvFnvvANB_c3Cgl3_xd7Tx1eOI_2AtQPFixbaTPoTeanpRSt4ynJpt7mqI9j_fmO4eYT4GSYaECjA34VX4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 21 Jul 2021 01:28:44 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4AA6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEK3ps947ZkjGKHW8cdumrAg&google_cver=1&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK3ps947ZkjGKHW8cdumrAg&google_cver=1&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8v...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN67MrU

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN67MrU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPItndmEjLrvIJOE_L53uqi18tS9ri58tq7zebztMoLIewK0dn5wRY6134wEZkAmgABwLAQXyLMByMZ4xvKGmDd8vXN67MrU
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4AA6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENvz2Yhd0q1N968CKC1OeHI&google_cver=1&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhPan...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENvz2Yhd0q1N968CKC1OeHI&google_cver=1&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164f...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2MDczNzk3MjgxOTI0NTk1Nw&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhP...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2MDczNzk3MjgxOTI0NTk1Nw&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhPanVumjvcN_DdumY4xqQqge

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2MDczNzk3MjgxOTI0NTk1Nw&google_push=AYg5qPK0G0GtGehOerg6bWNOavyx1JQycXD3R2kErpRm3TVmfC4lEn4fYUawyyDv-T580OD164fDhPanVumjvcN_DdumY4xqQqge
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4AA6
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGUCiFJX3Ly4Xgq1cfwlOH4&google_cver=1&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7M...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGUCiFJX3Ly4Xgq1cfwlOH4&google_cver=1&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7M...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7MioOrqPWBp3l&google_hm=117716f00675553b48503a1d

170 B
188 B

50ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7MioOrqPWBp3l&google_hm=117716f00675553b48503a1d

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Jul 2021 01:28:44 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKRTs9Srug7x-6oopCNTQIGaKNM2aDXwGNthg5r6RuHRzhRjBZTmb4hJFSJd5Mw4bKY7UrwsF1loKSiPXt7MioOrqPWBp3l&google_hm=117716f00675553b48503a1d
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4AA6 0
253 B 61ms
21ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ku1I3ddfTVYwsgy14SeQ_AvRtE1boCk0jYOK9qcceKXbLhS9ZeOWLY69O8QufHc7D_dtyo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D678 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f43137dcf57e18874d6eff183314c1fb2c115cadcec4996b5e5bd5a1a4273133

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 31FB 58 KB
7 KB 27ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1868186
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6688
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYhTJcPVTT%2BCQSXvZONzTn9q2SCZYloHiM9c9EoX63zttMap%2BntAjvdnQTWvCDT6l6P3R%2BsLqJKo5nrODIbv7P0HQC8cVx%2BS6v6lf04bi9L5RA0CHzWDD%2BylYefUis0vwGTNIA4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67186a1dfde24dd6-FRA
expires: Tue, 28 Jun 2022 10:32:18 GMT

GET
H3-29 200 r62eglto.js Show response
ad4m.at/ Frame 31FB 36 KB
13 KB 27ms
17ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423

Request headers

Referer: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Yifx+w==, md5=dYxhy2ipXS+j9p8i0KpDgA==
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47995
x-guploader-uploadid: ABg5-UxreyhrcfN7xScl9xTXe-G67tc6hbQ1tHnoI5xVH4ghNOkQ9sF6ds68T76UCmvWI5lNWXSj9BXUSy_B3ceUfd0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:07:55 GMT
server: cloudflare
etag: W/"758c61cb68a95d2fa3f69f22d0aa4380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvlk5ZyGnYgJENpSu8L5I8MJQn8rqd4bWxB2RqPVTxTl8hujTpSi1LHRKnkiw6s%2FaiSisJ3njE55m8DzPbHqGjwJRjEbVh6XcXZ7W%2BwXSsMJWOaXIDYpcIY1VPHbDuHTRp5AtT0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672475536814
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11941
cf-ray: 67186a1dfde04dd6-FRA
expires: Mon, 19 Jul 2021 12:08:49 GMT

GET
H2 200 document.686f98ec21.js Show response
c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/published/242056/377775/ Frame 1820 19 KB
6 KB 18ms
17ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/published/242056/377775/document.686f98ec21.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5fad4ace46423319cfde3d77?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCANFzyib2YMSeLKay-gbDromYCsjE17lg7YLi1s0Mj6L9sokNEAEghuGFKmCV-vCBjAegAdKf05kDyAEJqQI9hd66kOZ-PuACAKgDAaoE9gFP0I8dYsWA3ch9sWvzGQ8NqpRPqC_rcrSQBtif0HH7m_93Mjx7XbG74QgyxT7Pbal6JkZZxh-lbI4OiTbzZdoRlFpAoc6SfouSnKBd647PL5kl-OGCETqWyY1lWvddfudFX4fLuCbKll8cU-Kw-9GH6sFT_4Fr4BPjH4vpjNYvHqE27EbSJYV2QuZlRwCaLcV_vs2Krx8SPa7iq4NCvgLRMev7vnKfjACAQ9PZ7q6t5B2mq6Qk0p2yUx_ybKEvjWGuiZH-XefsrUyPA8TtwhR4VimVWwfp03g_GBFtjMvZvJnK2fZxjQjZSgTbyFCMVNsKApzQnQjABO7B07rSAeAEAaAGEYAH8LarBagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbgMAdgTDdAVAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_159UaowKtUrbjU6VE6tGnGufWI0g%26client%3Dca-pub-6550413363602588%26adurl%3D&cb=2060494839
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9acf19541491961c84803daacfc8de52e4168132e07ecd86cdfce953c844e0

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: aG+Y7CEZA4RbLVv9XZEzxg==
age: 4038838
cf-polished: origSize=21385
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 13:50:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4c798caf-c01e-0042-734a-5854a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 67186a1deeb6d6f9-FRA
cf-bgj: minify

GET
H2 200 animated-creative.c186a6520154a2b65cd6.js Show response
c.bannerflow.net/scripts/ Frame 1820 135 KB
42 KB 18ms
18ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.c186a6520154a2b65cd6.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/5fad4ace46423319cfde3d77?did=5d6fb28839d71e0001cd1a9f&deeplink=on&responsive=off&redirecturl=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCANFzyib2YMSeLKay-gbDromYCsjE17lg7YLi1s0Mj6L9sokNEAEghuGFKmCV-vCBjAegAdKf05kDyAEJqQI9hd66kOZ-PuACAKgDAaoE9gFP0I8dYsWA3ch9sWvzGQ8NqpRPqC_rcrSQBtif0HH7m_93Mjx7XbG74QgyxT7Pbal6JkZZxh-lbI4OiTbzZdoRlFpAoc6SfouSnKBd647PL5kl-OGCETqWyY1lWvddfudFX4fLuCbKll8cU-Kw-9GH6sFT_4Fr4BPjH4vpjNYvHqE27EbSJYV2QuZlRwCaLcV_vs2Krx8SPa7iq4NCvgLRMev7vnKfjACAQ9PZ7q6t5B2mq6Qk0p2yUx_ybKEvjWGuiZH-XefsrUyPA8TtwhR4VimVWwfp03g_GBFtjMvZvJnK2fZxjQjZSgTbyFCMVNsKApzQnQjABO7B07rSAeAEAaAGEYAH8LarBagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbgMAdgTDdAVAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_159UaowKtUrbjU6VE6tGnGufWI0g%26client%3Dca-pub-6550413363602588%26adurl%3D&cb=2060494839
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd66ad63d635f46f25d07d899edba2a4768b6e4805b0b54dc51673971240941e

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 1nChwXsebXCD4Ty77PVrAA==
age: 4039710
cf-polished: origSize=138701
x-ms-lease-status: unlocked
last-modified: Mon, 16 Nov 2020 15:55:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6e2ee029-c01e-0020-2a48-589681000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 67186a1deeb7d6f9-FRA
cf-bgj: minify

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 31FB 3 KB
4 KB 38ms
18ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3502142
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezX9WlC%2FxLIA6HS95MxabGeCa42%2FTzPeA8FJvOP9TbYOy%2F%2FvJ%2BO1aCQ5MzM5owerY6Rp5wagYo2aGsE%2FgiTqWvnCKGUIVl0s7nP6IhH03wEnhY09UV%2FeMb%2BbftY6FRdfjNUegeS7uklsumYPqkuXF2ozBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67186a1e79510609-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 2E75 2 KB
2 KB 16ms
15ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 20 Jul 2021 02:28:44 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2262767
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Eu3uUj6gcEX4Jp6HWxVmT%2FY1LdmgfaLhFJMY7Laq09fgj2T7fW6%2BkhRxpm5Pl74At%2FI6Yq6MyXabIMafFfeLssyAX%2FLOe2sNXrML1uaVybTm3iSjikd5IJZsN0AP06LHhuMu5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67186a1e6e514dd6-FRA
content-encoding: br

POST
H3-29 200 rs Show response
ad4m.at/ Frame 31FB 1 KB
2 KB 23ms
23ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65a19c1b1b28a3164d19ef218807e096890a69ff3b475f50e545cb611a4f8317

Request headers

Referer: https://ad4m.at/ad/dr?ed=1k045j45ddx2nk9symycnx7j4hjr1x7q3v1c9aj843s2n5nb4ggfe6rzr97sqr24cavc9nw30ep6pssjvy5f9t11zyas6mvmcz7chr93fyq5rscy7fradwmr6r44z56mvar8wsxf3re1nhmvva2p3hg7qqvfvvnek1tkbfyfemk2b1mt6ktw0f876dpdj43ygpkkm1cpdz3htzexyskdntvye7wav8wch350wghb27es7sf9jtymh9dgs9v7w0xb5vrfsd5jhyx60rnte59myaz11sxjks3dmv356n6ysn1jbnrym4q046qwxc2hht24dr9hfgdm1thasrnaxjrpa07pxntcvf5p7ch22gh4c8eh3wmt1k126xhjqhfyx0g7q0f3xea3ajcy933h&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67186a1e9e764dd6-FRA
date: Tue, 20 Jul 2021 01:28:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7Hkzd3ilNAa1fbNnRcq%2Fmxb6MUukyBx6Jf49VjPbBGRgBaQYECsy0Fk1oDfP1kwEP8v7wHtP2uf3MS57TfFjVsp1VddPCFVDU%2F6vYxlUGliIM4MSAgMPlqW4nCP8IdrMWrGbms%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B9F 0
0 49ms
26ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPa7cLUi7txci2hJQGHt31G6bmsQuIKicbMA5lfGV_ie4F9iGC61fvZFy9HMOX9cYaauR6pL5w7WOZ37Ka4_GjPFSnp_XSdGING2GKxuLFh1gQyc3SVzUACWuiIwzndFa7Ie4vMfBt-BorrfgwOdGG2tDjKSNd0ECIr094JrzfP-jMeoK90BVyy7VxWZ3WiSEjXz33gGTuoY0IRet-0e1RP8BtGIrZlVAIi-T9K539rIAlEWGsDuOHDIVmq7M6Y4KxsthbkwOwA-BR4ckChJRJrroXr6kiXTB8JSUO_FCYDGAN1GZRsjLaLq8MoJwnqfhrLfdx86yaq1fWsZxE0X2bqXo&sai=AMfl-YTjcKMO_5Jm2rcnZi7rwlPXajlNrQWE4hADEOPnbr1tyfgqrMS9xAQpAXVFf4k2taKjFqm7WlmNNh5Dkk8NxtjwBkUeUfWPuZPDh0WqeO9zKXGHcHhntf2gRJm2M5XW&sig=Cg0ArKJSzD25IfQOHFubEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 01:28:44 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B9F 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e0d076d3e60b7e30686ddf9ded7eb987854f450b23ed2c20c78bf9ea7774753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8518
x-xss-protection: 0

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame D00B 9 KB
4 KB 18ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51356c3ec35681f8605f413d756873e40d0d3842a26ded3c19688d6a072e27b6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67186a1ec96205c4-FRA
content-encoding: br

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B9F 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 01:28:44 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EA18 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 01:12:56 GMT
expires: Wed, 20 Jul 2022 01:12:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5BC5 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1f1e702ab1de3dafd6612b45d1b836f20f2674e19016bd2d8d3b0c1dff62cdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GYEsxpAqsGmQFXrsQFAU2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.pays-tarusate.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.pays-tarusate.org/

Response headers

expires: Tue, 20 Jul 2021 01:28:44 GMT
date: Tue, 20 Jul 2021 01:28:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GYEsxpAqsGmQFXrsQFAU2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame D00B 64 KB
8 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 663862
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67186a1eeecb4dd6-FRA
expires: Tue, 20 Jul 2021 02:28:44 GMT

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame D00B 12 KB
12 KB 24ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 371965
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdt2ltdBJG1djQpMDluASb2oKfYAfqyx2BVrDREx9LB7NjkhIXkRrWIkEog0CiAqD5f328LKeUGNtnGkVBSXTwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm09zDslxGG3A%2FPSvFEQnq46XjgO4hGzSqwmqK6l8RmoGnyM5n%2Fg%2B3XMJ8wYOA2d2CKM6qDqOSgTrXs7YzXEHUkEwFcTmnXKS0mie8TAiBiDKEK4f5wzlrKEXhh0wBuxZ1%2B5NdYe3y3M1OpV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Wed, 21 Jul 2021 01:28:44 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 67186a1ee98405c4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame D00B 10 KB
11 KB 23ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1503691
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdvTmCmAav2YP-0KbTU-pyv9yOICGDqJKQpta-nVyAFvzcMh3gtVcLa2SKjESwYy9qWQ2TmKooF-IfD6y5LdxGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJIq%2BOE4t2Dhun%2Fop%2B5p6x7hRqQPb5445cEJIjm4200FryV5yWaXpRGUOiMhSab9plJfR0Vn3leUGN4q6rVvzckhUpjg9HUuh6Ba6Nhi2zKPM0sN0FQmPDCg4GLZk9ywVcpPeHWhDM6x2KDZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Wed, 21 Jul 2021 01:28:44 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 67186a1ee98605c4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame D00B 8 KB
9 KB 23ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 377329
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycduv9d6SN_nTzdCf2v8Rr9cE78kujZiUZV__ouu0ncEGoz11OvFi3Q2C0tQ5qaNOj5oYsQ-bqhyCda3xicu0IBjciow1bw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raANxwwuseCJA0UecZjfgctTZqov2QyJT%2BFZ4llq29IWhceOm1HqudS0hwWlIQk6Wlr6ia8RrZYEo6EXvdgJSh1kaqKSwdGVxQA8jNLqTTvii8s4oxtOD7wrFshgyorVi5SL1R6tn945FZ9V"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Wed, 21 Jul 2021 01:28:44 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67186a1ee98705c4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame D00B 30 KB
30 KB 22ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 372822
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdvnKjIT52i3dtGpaW91ZeuIivO6iMLcQnX31erpU_jjHQOzAkO8OMefFCjr864BULWgxb_nz1Wroqpp_EfU-J0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUT3U1juFoW9879%2BHjWJVSjFwnNyTovXX0bZI49gFFAdrFa8n3qDX8liSjV76omeZ6x94oQ72d1CGYN5ZlsRZzwRkjJFRnUCP8tfIlR2LkMKOYw8TGLc6F1eWHTiVwWTTxjq7dIsEmFlPXYl"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Wed, 21 Jul 2021 01:28:44 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 67186a1ee98905c4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame D00B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMGHo8y_8PECFZbWdwodywABTQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDkoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744524_d2e90780-e8f9-11eb-90c7-692d06cd5c64

0
518 B

36ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744524_d2e90780-e8f9-11eb-90c7-692d06cd5c64
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:28:44 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 20 Jul 2021 01:28:44 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1626744524_d2e90780-e8f9-11eb-90c7-692d06cd5c64
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame D00B 38 KB
39 KB 23ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 379786
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycduzEsKmHJ9XnazLcgyIST6JAnrdiSfNTGNTLcRjC2_OeQmEIoOlDWqmbWhdU_P8K9SQp2VPTK-eDFCqk-eckddlwWfK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysEqdTmJ7t%2FGO%2BxWqpJhcWJoQ%2FYpqVm00q6nRpLwIWsOv8BStkc7rc%2Fe0zW%2BYbbHe%2B3m6zBx9pi7JhvA6hvrw1La2Hpmp76b5UpUIdELTFAyU7ydZNYJ%2FIOXe0to8nhexUEZVTgRboTQSaFh"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 21 Jul 2021 01:28:44 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67186a1ee98a05c4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame D00B 113 KB
113 KB 15ms
13ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144213
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycds0a9SwZTCzEc33e8SYPnGf46wKHYPGSLocvC9Hkd-remaq7J29nilNwcjqfltvEfedVX9AwqjCcYNYKIL59W_o7khgzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sXB1OXfbeNGHiHQmtjZ37TA3sPsCMkPZ%2BtRZi46K5AajZbI1O3lLPebCmzb7kv8Ot2Cjtg8Xkv7C2EjiCU5YJ0cFPx2wlNmsJE%2BdeoinDnyL6u1Jwr2Nhks94xBL2H4IacbPfVgx7iJbGUx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 21 Jul 2021 01:28:44 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67186a1ee98c05c4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D00B 43 B
704 B 87ms
47ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:28:44 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 1820 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 1820 2 KB
2 KB 27ms
13ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5bcda6530a329e6bd4d9b663%2F96531204-a7a6-4dfe-8451-77626687d74f.woff&t=%20CDEHKMNRT
Requested by: Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c32dc523802e008d776e394cc9a57a3b5ced729eb4b050877913e17343c04fb

Request headers

Origin: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
server: cloudflare
age: 7908170
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=96531204-a7a6-4dfe-8451-77626687d74f-subset.woff
cf-ray: 67186a1f1f8f1f39-FRA
expires: Tue, 19 Apr 2022 12:45:54 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 1820 18 KB
18 KB 28ms
13ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5bcda6530a329e6bd4d9b663%2F0d65b76e-01ea-4e7b-bfcb-facaea1b0d56.woff&t=%20%25%2C-.01ABCEFGHIKLMNORSTUVWYZ%C3%96
Requested by: Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7ebf6ac0daf4371fc5af40be82a6e637b4046268bd0f6de6cbd54ddd6a2518

Request headers

Origin: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
server: cloudflare
age: 7790615
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=0d65b76e-01ea-4e7b-bfcb-facaea1b0d56-subset.woff
cf-ray: 67186a1f1f901f39-FRA
expires: Wed, 20 Apr 2022 21:25:09 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame D00B 12 KB
12 KB 177ms
98ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 0215e4da482ab8538a8b55dfe81eda1f5849973f957436145de1a654bf66a9fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:28:44 GMT
Last-Modified: Tue, 20 Jul 2021 01:28:44 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame EA18 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 1820 81 KB
81 KB 15ms
14ms Image
image/webp 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbemz%2F5bcda728012f401820afd75b%2Fimages%2Fba09d618-d872-4831-bfbc-8568c586a674.jpg&w=479&h=954&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0826bc7c02494574ca3df70eff3f39f4d3331b53700becc5790e971374b4bad1

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
api-supported-versions: 2.0
age: 38489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 67186a1f6fdbd6f9-FRA
content-length: 83040
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 1198 81 KB
81 KB 18ms
17ms Image
image/webp 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbemz%2F5bcda728012f401820afd75b%2Fimages%2Fba09d618-d872-4831-bfbc-8568c586a674.jpg&w=479&h=954&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0826bc7c02494574ca3df70eff3f39f4d3331b53700becc5790e971374b4bad1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
api-supported-versions: 2.0
age: 38489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 67186a1f6fdcd6f9-FRA
content-length: 83040
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 fa708151-3c33-4a3a-9727-3cf603786454.svg
c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/images/ Frame 1820 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/images/fa708151-3c33-4a3a-9727-3cf603786454.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4453d8e40447c028b6f3a7b7c309fd44f1dc2af6f3072f728d7504d2072482

Request headers

Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DY9w7fNWaBNHDjeutj4lLg==
age: 2507
x-ms-lease-status: unlocked
last-modified: Fri, 02 Oct 2020 14:42:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b690e3f7-e01e-0055-6d4a-58fdad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 67186a1f7fe1d6f9-FRA

GET
H2 200 fa708151-3c33-4a3a-9727-3cf603786454.svg
c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/images/ Frame 1198 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/bemz/5bcda728012f401820afd75b/images/fa708151-3c33-4a3a-9727-3cf603786454.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4453d8e40447c028b6f3a7b7c309fd44f1dc2af6f3072f728d7504d2072482

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 01:28:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DY9w7fNWaBNHDjeutj4lLg==
age: 2507
x-ms-lease-status: unlocked
last-modified: Fri, 02 Oct 2020 14:42:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b690e3f7-e01e-0055-6d4a-58fdad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 67186a1f7fe3d6f9-FRA

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 1820 2 KB
2 KB 11ms
11ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5bcda6530a329e6bd4d9b663%2Fb715aa5f-b0ed-4164-aabe-f37b864d163b.woff&t=%20%2FADEFIKNORSUY
Requested by: Host: 6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
URL: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e5009eff088a9f13b7dfddb48a60cac2e3703e9402d0a7397c4b422e754753

Request headers

Origin: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
Referer: https://6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:28:44 GMT
cf-cache-status: HIT
server: cloudflare
age: 7915343
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=b715aa5f-b0ed-4164-aabe-f37b864d163b-subset.woff
cf-ray: 67186a1f8fe61f39-FRA
expires: Tue, 19 Apr 2022 10:46:21 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B9F 0
121 B 42ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=4400074582002712&bg=!trWltfHNAAZjFomlYxY7ACkAdvg8Wnck6obif9PNCWAs0hJmpZhyQCrr35YDRK2XmCQGMfXwWUy-wgIAAABrUgAAAAtoAQcKAFIflnIG9Pz49eDl2chnkG_tL6G7ijN6crDIapCYoXB6OzNIF6oVM1R2CeYtG-wiBy677o87OVImqcUTSLfGnanV9ehavdo05K_RfTO3RspMBh8OmQKZMywg2uzoCc0o6K3aJoZzkAopLtgax5VvFkfSJ3ixLrBQEXINRmJNwuX4ZdzC1vxcRSNBHPGsnbdO00vEAvtJ2DZIFnEKZZ2bSO-gZC_xNPfhEhABklcNVmhUz9wqrHO3Mo_Vn-eiX5GHHp0X80ENu0rF_jEPKtZ5g8nLpRm2sfFTEOJ1wa-SCox0gyJFO_dLH4BUHpRWtRitXNsO6W9zY1IagbQL7qnUN-ggWtbQgA5S4pBiaNoqJfcY85YB1EPDAAjcp9wiR9qFUGcFp5pQrBjXUYCfbVw8sxVV7M-ItPGhJYVYljCSsYbf5LJLk7QjHOY1xto34n8RrNdgRp-MTq3Hzj7PJmch8Iy5pwm36qmj_gilHv-1D0udRMJ1wY5BVvI0TTOr0FI-MTyBwbcUFjXAIGLhGzrAEfcXnsJuKGHzrogZLrPCb3rz5Jsn7Pn7_K4yraWF3_xPVU07YQKi0alehXbdU2msKoDTpT-BzHDFpVG8ZbKcqxXkkVnFKyg7gJPwn5DPbj8DtfBL6f6EsnlodeUA509e9Teg-QV-jKGJcCpGg_1JkHqRPMHSxzAg-IQ19CHhusYmyJ4yeeaUonowBsLqSlpvsOQOp7gcQZz9YF0rZ8wBgyrGwnMHVdOjZD9CiK2nAua8j2R5wDJPiR0K5VtMkTb7wExagyDgriSSNOZOoXKoDnxBFtAdU8pzDTX-lasuBsCuqFHw8c-dNNgDnkZjgxpoMrjx5-d6Xi0RLtW4KWCvF7E3VAvBWtZgOtI2Dh8t7NXpi35x9Z79wLLb5y34kBBtKAZ23a6Yn9xe9b8ETMGbl-2Q6JUb9MaTlw93P2LUNlIi8eJ53XcaNTM_ZJt6W5q5Ba7vkUgjrm8B12uFMHHoGjc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D00B 59 KB
60 KB 57ms
17ms Script
application/javascript 13.224.99.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-121.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be028ddbc85d79d86197ceb7996f571178592413b982fa59e79d39fc1938a651

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xn9YIGoVobZ5q1OjPEeywP.HYFK8n8lp
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 14:36:57 GMT
server: AmazonS3
age: 68630
etag: "571d76fcc5fac1d79b521c4a9cd8ed59"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 19 Jul 2021 06:24:55 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 60842
x-amz-cf-id: umw44IP-jAMGZraavgtWY8D0okCsn_sY334r5KIoyJVFIMIPq-cgqQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame D00B 79 B
374 B 93ms
33ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW1OFTgjPtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4Jl9Re3tJ9XvjHzKpUW2wHCSFQ_01kKJA237lY5BSmVjMk..qz&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221626744524%22%2C%22%22%2C%22%22%2C%22%22%2C%221634520524%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=5d79790254ed408c3f77626a97f7615c&userIP=152.89.163.156&doAffectv=1&wgtime=1626744524
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:28:44 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame D00B 25 KB
26 KB 62ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTGC9HetQt1JWSZtWt4Wxoneid__asuid5D635M9IiE3fTxxIkyiTqBPIDPBxc0ugasuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C823&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CZQ4CwfRBF5MZamHDHDt3t6zPCXtXTDk%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2C9RxtMfWmhAGDFKHBH2tzCVQJF5tmT95%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP&c=728&d=90&e=&g=a23bd8f3d7add426ddc1f724930c03fb%2F8539922711560961500&i=27720%2C25174%2C9719&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D202rrhjkfmwfk7wj22gcnrwhp2sfnb4297b820q337xkqqbg8c6q5j0apt0k6aak5n87qbp7chm13g206zc7kamzmcrc8505qp0gn0hkthj17awfhvb7emgyh5g8p9z0p0kpazp31k91fcn938wnx4x9gft29c20yqfd7a6afygfmqaefx56k9d4xzpe22r19v541e9fawy71gsezf01amd41vvfczq9bxg9gw6xn1vvy78rzrak0aktmvjgsnyzhed4c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEZmPzCb2YMGbBqCe7_UP6sG9wASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQI5Us9lG8yzPqgDAaoE2AFP0HmrQILDuwh8IU6nnjBOS2wG8GTXiygRP1YDwufeeZB18HRxKMHkyfDVpWinyH5IPhwFvkbjh6jN771OQff86qtvTbsCkVdbxgXEnkv0AkfbLpA_BGBZCM6pByH48sA6eEuUg1fUg5mps4cBr8g2ND4oWQ7_HEsdbZIITsLUP4O8zTFbh7eH7zzXPTa2IKMcTC61pNAvJpIKDZNv0q27rLxiGxJTtgNtC_ptlqDu7ZVG9Ypm8z0nD7vDXD7ShZ-IutG7POyJ4osBmWIR3kal57wIzEBsN0CABqPh6Ov57OTX9wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3E6MBWx3wWlsL-RcpIbyncu8z0zw%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 01:28:44 GMT
Last-Modified: Tue, 20 Jul 2021 01:28:44 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame D00B 63 B
270 B 110ms
38ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1VHW1OFTk51r.S9RdPQSzOy_Aw7UTlf_01kKHoNvejV.lV9dXJtJ8mcK4rT_yfez16sZPuVr914VecL57GY5BNv_0TjV.6ky
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jul 2021 01:28:45 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FBE 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVVNqSUrq_HeUUZ2-s64mUFbnPPlKj2CjWr5wSkpVp6S4tCDao9102D_3bdIoX7i4vmKpPZg6MnXa8fS6lB8sfWUu3-gjFfAb1TRjeHuGdpOmQUT-n-7Fy9i8MOAIagN_cSyujAW0psCM5Z5Vt1x1k&sai=AMfl-YQRzFkxtY82csU-hW-4yCsA1arqtD94ZvQJ_tq0gTIzRbTCnIvzYZIA7OUInJw-t1M7lHh0VxdoTgWKhJqX-1H6o6m32ffFvRQjUwAN0hEfu1WXt7wq_NuVrNDHeTCf&sig=Cg0ArKJSzOh0BSiFUO5cEAE&id=ampim&o=0,1233&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=241&tls=1542&g=55.55555820465088&h=100&tt=1542&r=v&avms=ampa&adk=1736661757

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 01:28:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D00B 16 B
232 B 90ms
90ms Fetch
application/json 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-233-75.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jul 2021 01:28:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 99ms
28ms Preflight 54.72.233.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.233.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-233-75.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Jul 2021 01:28:45 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/fatal/fatal-pathspec-file-txt-did-not-match-any-files-git

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIvMX1D_JOuMwr7Iw.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/fontawesome-webfont.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/fontawesome-webfont.woff

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/fontawesome-webfont.ttf

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pays-tarusate.org/	1970-01-19 19:53:36	Name: _ym_isad Value: 2
.pays-tarusate.org/	1970-01-20 04:38:00	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdhYzE4NzgtMTRlZS02YmUyLTk2YzgtZjkzNWI2ODIwNTAxIiwiY3JlYXRlZCI6IjIwMjEtMDctMjBUMDE6Mjg6NDEuMzUzWiIsInVwZGF0ZWQiOiIyMDIxLTA3LTIwVDAxOjI4OjQxLjM1M1oiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.pays-tarusate.org/	1970-01-20 04:38:00	Name: _ym_d Value: 1626744520
.pays-tarusate.org/	1970-01-20 04:38:00	Name: euconsent-v2 Value: CPJnYPePJnYPeAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.pays-tarusate.org/	1970-01-20 04:38:00	Name: _ym_uid Value: 162674452096198089

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs(Line 174) Message: Error: Browser is not suitable for subscriptions
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx->start full check gdpr
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.7
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zx -> DE
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt->cmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: zxnt native v.1.1
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 336\|280 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 336\|280 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 970\|250 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 0\|0 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 0\|0 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 728\|90 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 728\|90 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 300\|600 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 300\|600 block not visible
console-api	log	URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js(Line 2) Message: skip ad 970\|250 block not visible
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://ja.pays-tarusate.org/
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://ja.pays-tarusate.org/
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://ja.pays-tarusate.org/
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6897ea8e5b91f61462e3468d724d067d.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.bannerflow.net
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
code.jquery.com
counter.yadro.ru
cst.cstwpush.com
d5p.de17a.com
diapi.webgains.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ja.pays-tarusate.org
js.wpushsdk.com
load02.biz
mc.yandex.com
mc.yandex.ru
na.nawpush.com
newrrb.bid
pagead2.googlesyndication.com
partner.googleadservices.com
pays-tarusate.org
prod-rtb.ad4mat.net
r.turn.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-de.ad4mat.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagservices.com
pays-tarusate.org
104.111.239.217
13.224.99.121
142.250.186.102
142.250.186.162
142.250.74.194
143.198.248.64
148.251.139.77
151.101.65.195
2001:4de0:ac18::1:a:2b
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.184
213.174.135.24
216.52.2.30
2600:1901:0:76b9::
2606:4700:10::6814:b844
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:aa7a
2606:4700:3035::6815:623
2606:4700::6810:c40
2606:4700::6812:c05
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a02:6b8::1:119
2a04:4e42:3::485
35.190.0.66
37.157.6.246
46.236.13.147
54.72.233.75
81.29.72.47
88.212.201.216
95.216.65.102
0067f16d2149c8bf35e7e0c2f718e302146a8a338ae30356b6b95a81a1cc2019
0215e4da482ab8538a8b55dfe81eda1f5849973f957436145de1a654bf66a9fc
03c14673aeadd5c1ae530b43d16ff05b896c80d788b3f3ac43e17a5e423cec70
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
0826bc7c02494574ca3df70eff3f39f4d3331b53700becc5790e971374b4bad1
0ae3eb5ec447c740bddccf468b622827883ede2a9984bf0c73e39a12dc74b722
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd5cec499137577810c6540e191a6d56ae76ec6a8819aa30076eba0220077c4
0c32dc523802e008d776e394cc9a57a3b5ced729eb4b050877913e17343c04fb
10fb3278ae384f2ae5682486e831864750fe473eaa1b03f386e7fa049b6f9e6f
114371c480a781b72b61036dbe1742d973b9a9da2065b5c8dac1da359cb19144
11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4
1230edd5daeb397618309ee2cc2220b3d58733e735d890757ec862b7b7204c0c
173649a681fd076c6a1564df9b0a423ea7d401d8e982950feeeb9b0d1ff1f1d7
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1814fb310adacd76b9f167bd2e6c796903215657a25c3d185bc654433bb87dde
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1db255dc93f3295e7f89fc0318240bf3ba511286eeaf21fe3b4be5b844cfc2df
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
224b6ca2bc734f7043f8a26c305a29fb6b501495d8ffff86a7ad56fa48be84d4
225a7a7088363b0ac6c152aabfd0dc6f8c6bd8ac68ab8dd63c5718f0d05a8937
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
294337b5cc03e33a5bb8f0b1cba08cdeae64798147777ddabcea5b00da1389be
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2abc6cc78e54c06172a9ed8084f7663ee3b7364e64cd1c640b007e9f385e7bf7
2c3e4c0ba4169115c319bc407a8193cbabe4f1002cac577375ffff0207caa061
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
315da2026915dce35610144847ca4332f30a22fa13f413aef919e7a0bb00d542
343f240ccc4c4f8b224cbe6036f5417eb0ca4472f2a2b2e45e50f5b4237f09af
346997cc94cacdcf302a675edb1cd0aad4b855722bc267998134a4875f5d8324
34c9c13f7373cddd250356f30473709aeae3cdc2d56a5afdeb113b3033c33ea2
353b2e68c0aeefe645d21343a30f43420cf68526a44536b90ffff8d48539a2db
364d114f753ed618f9562ff7c3ce1d040942a37bd8b8d94465f10cb987a006ab
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
3745f2e7dbf3de7c7e2c28590159fe6b6c7291ac75f39c82246661ff81634957
3b1fe35c168b5338c79582dae3a4c71a918063ebbdf6003e62c43c02f8a0ee28
3bf6bbf6e7bb60d84519cf6afe9d58e1a6a709b6a8a18175194f1e93b8258e22
3e1b59915e3f5f7a9e57d5c739c44ed7ae3601582ecb13b623345e21b24921a3
41912beaae613ca633878422f65e3da6d9865d74a468a8cb917603e9eda2a084
44cda47d333f156b13de6f6a549cda8b9e7a4791e4fc06cbfbf728fcacf6965f
4674febd110a22c7ccf04d931fad590bd4a3f0d0a910cd2972826a7d398fdaff
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
49a1e2fb5623aa809a06ea64ad7141c9d5ed31ebc14338e02ee7d0565cd37f30
4a1c4179f503e7a42fac6e2bde3220a18857b775a512c9cd6c03eebc31109332
4a7c5f3d5bdfc31b8cffb6544650a1fce7f0b616f1c29aa6db02353a29c6fc75
4b48096b3093c5dd86247fea7205d692860e72dfd5db451a1f4f43ec17761728
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc84ed94feb8a0f6777b201379478ae8d900718e1b9b2c80000e3cc0d737c44
51356c3ec35681f8605f413d756873e40d0d3842a26ded3c19688d6a072e27b6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
5635a85947b1bf96c7734e297f46f6cc6543246dd1aa7b594d2d8132dfca7053
56ac95de531519116f922513de20ac02b3f9fa927d01d90371f3e8d4072fab9b
56de90b9ccd1a0e29103d46c1e9941008b5e322a69044867c8b214d63cd62dd5
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59b02e4f9e7f1158bac62418d589f6ad058542d44dfab60314075145a57da1ce
59e9131289a19799511dac0c3e07960588d0a4e864d6d22cb5c5bd0b9f2d99cf
5e4453d8e40447c028b6f3a7b7c309fd44f1dc2af6f3072f728d7504d2072482
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
633b675ee23b3530a972d913b1c179bc230ce6375a448eff99c9ef673b33031d
639246a7d44a3314ddd757075b81734b6dc88e0dbff488daff7c3090b5064d90
64e6ee494557902a5ba9397c57d2e1d6e01faf0c0063c4715884dd3867ddcf43
652ab2dac5b732224b0a7a3659e11568550afac74caf1842b900de7cbfce80d8
65a19c1b1b28a3164d19ef218807e096890a69ff3b475f50e545cb611a4f8317
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c9937b0a2f4f0989d9e2d16cfca7a386b9f39ac61686fa9a770dedbb4fe07e
69954afb8a6f7cbf6b36c2fa4c6ba205d058ccbf2028ccf0285f3e10f6f47f89
6a6ff4eb898d750d8fc88acca033f1b861f597180031ab8d35c76f66ab78af17
6e1f69d3b5f58ec2a8f716356eec3fcd84132ee1e16cef36b13c2e4ea9ba89f8
71cb6bbfac96f25cc46c7109ad79d54493f7c9c74f5d702d71662ff5e8c8d2a6
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
76ec101fa2e578dd3742058d953aed16b74efa3552eeab3b3f669543e9d0bfa3
7869723a3d3fe9f3a5084cf574e74154ccc21ed4ac7ec9a5decedec3fb5e98e5
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7b17d2b3dc46bd613f237d71e9402925f0e4461b88b7ab4d39a45bf80389c384
7e0d076d3e60b7e30686ddf9ded7eb987854f450b23ed2c20c78bf9ea7774753
7e4e2039856b2fbe37417afba4863ed0471ab0b75f03c1489c22eba993460746
7f6ec9192f604e9bec7a38f4d2b2ad5e81184c05a5395d131de6c7129f9f1314
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
87ce9f34f4684d5ca1f6260a9202d46b88231ef1bfa7266318c69fdae2032fac
8cc63e6ef52c1e2f0e5845b2e14bddb497238c0eca580e9441b8e8a776bf1f0a
8ccbe1d5faf2711b2aeafde10dc31b04fb32d443f0d694a5cfdb610aef135d50
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
909da6bb7435e1ba21704f44f8b1fff95e58534b4d97f33eaa99f5fdc14a4911
9126834120804b4123a5239704a7673e4a9b121611f9446b0767f085d412411e
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9acf19541491961c84803daacfc8de52e4168132e07ecd86cdfce953c844e0
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9ffe32b99e14df8f1acc65cf9dbecefd799116da531199de9381fef34459a9da
a2d43f37c8374726ef5c2da26b608a3d73710980d67998c2ff0310c689bbd798
a33f0dff45ec00a74d89c8c07a2dd118b32b6e09e76f1286a0496fa3f7a50a9e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76bec6013aa725d0c64939617dd148dfc44f0ab1c91353360ed3d43bb3073f9
a88a8f80d8f3e66c12c032e36343443b8b9fd172d22e48cfc84c9a5e12cbee74
ab8d2c6673fc081c4dcf72c8af0f2c3dea039a07e17c63009bb342ab74a75ccd
acc5d1f40fa2e46ed40bec9c01d1463a630adbf627df4d7ee94e03563736635e
af396bd36d349005a0c9aa09bd60cd669d2d9d2c898472c3f31541fdb82c3cd2
b41793d49dfb2a78fb88b93c1a76fd53020606c40c7bd4a0ce29272fa3b3f952
b502df2b6d7d152a96514aa79573ab88c5e110cbfde59a972fbf9ce435010805
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
ba162af33a8b0542a0ea185d33ca05cb3777256dce5b667c7651faf7b3c3c892
baefdbae5749ee368dd1678b139786796d8db01f0412d69df52f2e2d6f4facd1
bc517d73155620e31d3c4ed028b32e51aa292a842adaaa64c509dc6988a55017
bd66ad63d635f46f25d07d899edba2a4768b6e4805b0b54dc51673971240941e
be028ddbc85d79d86197ceb7996f571178592413b982fa59e79d39fc1938a651
c236d2a6cf7f94e183456e0a20212fbd2086042a52cf5567272acad36affcb78
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c57f35ee65733bf8fd546ff7688754d630eb2cca5f2f503644585c9b7d016fc3
c72261ecfde0658ffd792d1bbce5c1fe03645f2069a818c7659c4c3b40186497
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e5009eff088a9f13b7dfddb48a60cac2e3703e9402d0a7397c4b422e754753
cb6551b7d0e17e16dbff189362a7b18c2d1930c5dd80717440c48dc113d3b016
cbac863d2fb5589d11c75ddf028189eb39d22ec3496440cbbdf2b4ce7fe82d53
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cd7ebf6ac0daf4371fc5af40be82a6e637b4046268bd0f6de6cbd54ddd6a2518
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d4941d50333db4a482b943bd44c060c64805c19f41955da66b65bb4e78d8a96e
d4fc363efe59c0ac39e1832c08e4184d8b2d2390fb9cf5a6f269580579255b7b
d7843eb6f53c01e1a367592f612780f02ceea172368acf5266f618e94848247e
d821ea6c9065cc2ee05ca3bae4eb7ba915ee20318187c2f821d46479ef244eba
d9f2060fc2fcc1792664c9cbe6c03f819fbf89cb3f5e33e3c702a17597853cfa
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db3df5c6aa9bb3e21fa8363da25ef8ac1101e1d5b6892bda68a7db328a207f5c
dd49c40d80e9ca8f78017b959a1ad0d33cb4184bf4b965099a63f18e687b10e1
e042e97b9b09b3ea268642857b7df81e7d6442d65b78258ae9cf50e4a4b847e6
e2b48ec19268e245164a31c01aff935182d6e870e4f4e1157c7ccc6ed6352e2d
e2c08b039eb547e587cb261a72c0ff23a3ef83d5612624dbc44c2b22ceec8fce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9940a1698476f6f9aa2a8ca09e88666263154aa86a72bf473947f0f09793b
e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
e5f606fd57952725dd4de9849ff3041391ec94ad23e819a16f935eef104d3205
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
e9b224f9951b6ada3df4495b4be25fa40b9033fa83cb24db77a44f0a0d2cf662
ed1acb139a24ffe99660c99a869c45fe7c4a6b8a027eb610ef35aa638cbfcc48
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ee153ac22d6b749db801ac2665b79d0c3823e2a87f534e2f237f94c0598ae452
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e76fc55046532f092ff9133aef18ba989f16c219c67902cc5ccb1ce679ea1
f085e12ab04a1c2b2976b6e4e129f14120ad62056b66f7fa728607900452b2af
f1f1e702ab1de3dafd6612b45d1b836f20f2674e19016bd2d8d3b0c1dff62cdd
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
f43137dcf57e18874d6eff183314c1fb2c115cadcec4996b5e5bd5a1a4273133
f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.pays-tarusate.org Open in urlscan Pro 2606:4700:3035::6815:623 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

277 Requests

94 %HTTPS

54 %IPv6

36 Domains

50 Subdomains

37 IPs

9 Countries

6689 kBTransfer

10301 kBSize

5 Cookies

37 Outgoing links

Page URL History

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.pays-tarusate.org Open in urlscan Pro
2606:4700:3035::6815:623 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

94 %
HTTPS

54 %
IPv6

36
Domains

50
Subdomains

37
IPs

9
Countries

6689 kB
Transfer

10301 kB
Size

5
Cookies

277 HTTP transactions
6 data transactions