www.jecontacte.com Open in urlscan Pro
52.4.80.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bing.com/ck/a?!&&p=44a42965e9368d0aJmltdHM9MTY3MzMwODgwMCZpZ3VpZD0zYjU2ODk2ZS1hNmYwLTZiZjctMmIzYS05YmZlYT...
Effective URL:
https://www.jecontacte.com/
Submission: On January 10 via api (January 10th 2023, 10:31:41 pm UTC) from CZ — Scanned from DE

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 9 countries across 28 domains to perform 106 HTTP transactions. The main IP is 52.4.80.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.jecontacte.com.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.

This is the only time www.jecontacte.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.4.80.147 52.4.80.147	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
12	143.204.215.89 143.204.215.89	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 19	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	2600:9000:214... 2600:9000:214f:2400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:a34a:22f4:ffd2:b8d7	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	52.58.161.171 52.58.161.171	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
106	21

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.80.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-80-147.compute-1.amazonaws.com

www.jecontacte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net

www.jecontacte.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.39.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:2400:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:a34a:22f4:ffd2:b8d7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.233 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.161.171 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	113 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	440 KB
12	jecontacte.org www.jecontacte.org	103 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	134 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 142	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	2 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 871	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	2 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	830 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	144 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	3 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 670	2 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085	89 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	885 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6509	653 B
2	google.de www.google.de — Cisco Umbrella Rank: 3658 adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	111 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	464 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35086	612 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723	715 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 456	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	715 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5103	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	701 B
1	jecontacte.com www.jecontacte.com	14 KB
1	bing.com www.bing.com — Cisco Umbrella Rank: 90	2 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
106	28

	Domain	Requested by
19	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.jecontacte.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	www.jecontacte.org	www.jecontacte.com
11	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	1 redirects www.jecontacte.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	c1.adform.net	4 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	onetag-sys.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net
2	s.ad.smaato.net	2 redirects
2	d5p.de17a.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.jecontacte.com www.googletagmanager.com
1	pixel.rubiconproject.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.jecontacte.com
1	www.jecontacte.com	www.bing.com
1	www.bing.com
0	sync-tm.everesttech.net Failed	googleads.g.doubleclick.net
106	34

This site contains no links.

Subject Issuer	Validity	Valid
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.jecontacte.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.jecontacte.org Amazon	`2022-04-27` - `2023-05-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.jecontacte.com/
Frame ID: 93E0D22576384903C63FFFBDE10E1345
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html
Frame ID: 4218E794013B841E57C89996DA182521
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=8699540398&adk=4088513138&adf=665541955&pi=t.ma~as.8699540398&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897106&bpp=4&bdt=421&idt=342&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&correlator=8021824300222&frm=20&pv=2&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S3ALRPrrXv&p=https%3A//www.jecontacte.com&dtd=355
Frame ID: EE714BE9B71E38711A05A26ADAC1FA6D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358
Frame ID: 055109F28E35F03F7D12AD9F95606A8D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362
Frame ID: ABEF4916C7F08E1F1102DFE80D9C50B5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&adk=2818083618&adf=1452423409&lmt=1673389897&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.jecontacte.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897124&bpp=1&bdt=440&idt=353&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C998x280&nras=1&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=361
Frame ID: BBB08AD8779428484A2E744AD3119682
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6BE7940D7C988B7ACA235A9F04DFB9AF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C32B37D3BBD331ADD58C02E9D1C52DE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 596ACA58DEBF20FEFFE8F3555D3F2754
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0344F7BCD5F528567AEDE8E998BCC280
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: CA05D438FA8C395A995ABBAB28F8A8DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 31BEC609BFD16E4571D5E3DD7E51262F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 4317650ADF57155639E21C520763645C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C29FF465826C42D1B93EC5F07EE9122F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10D69886238F8B15AD2D84537C445175
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Site de rencontre 100% gratuit : JeContacte.com

Page URL History Show full URLs

https://www.bing.com/ck/a?!&&p=44a42965e9368d0aJmltdHM9MTY3MzMwODgwMCZpZ3VpZD0zYjU2ODk2ZS1hNmYwLT... Page URL
https://www.jecontacte.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

106
Requests

84 %
HTTPS

55 %
IPv6

28
Domains

34
Subdomains

21
IPs

9
Countries

1089 kB
Transfer

2464 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bing.com/ck/a?!&&p=44a42965e9368d0aJmltdHM9MTY3MzMwODgwMCZpZ3VpZD0zYjU2ODk2ZS1hNmYwLTZiZjctMmIzYS05YmZlYTc0NDZhYTMmaW5zaWQ9NTE4NQ&ptn=3&hsh=3&fclid=3b56896e-a6f0-6bf7-2b3a-9bfea7446aa3&psq=jecontacte+&u=a1aHR0cHM6Ly93d3cuamVjb250YWN0ZS5jb20v&ntb=1 Page URL
https://www.jecontacte.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://um.simpli.fi/gp_match?google_gid=CAESECFXbUq5I7G9AyUGH6iSTuo&google_cver=1&google_push=AavPq0MBrG0V8tVrkSGn_wcilaKidKZIG26lHhCmAdAZgJeDL-kA4wwHdfnh61ERcrN4bJ3zlhBdKFQKHCopJqRjRHCZ_nLPLMIKnB4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40CA2855E14E4E5DA99A6787B256327B&google_push=AavPq0MBrG0V8tVrkSGn_wcilaKidKZIG26lHhCmAdAZgJeDL-kA4wwHdfnh61ERcrN4bJ3zlhBdKFQKHCopJqRjRHCZ_nLPLMIKnB4

Request Chain 76

https://d5p.de17a.com/cookies/google?google_gid=CAESEMfidxNPgoKTb7QrbHcbYcQ&google_cver=1&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0wF3I-MKg0 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMfidxNPgoKTb7QrbHcbYcQ&google_cver=1&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0wF3I-MKg0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0wF3I-MKg0

Request Chain 77

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELUg4-AXXIK8VLMAR4dD9p0&google_cver=1&google_push=AavPq0PKI20wG2g8iXR67Yli9OdLxvscvNMB9fBrRvcAWH8MlZc2idcDjc-boAf0uSGOrJwvIiKQF8ShMt2SjUW_SixUz2u1Pe9XhYM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PKI20wG2g8iXR67Yli9OdLxvscvNMB9fBrRvcAWH8MlZc2idcDjc-boAf0uSGOrJwvIiKQF8ShMt2SjUW_SixUz2u1Pe9XhYM

Request Chain 79

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFJG2Ya9zOF4fIlxvE4JIfw&google_cver=1&google_push=AavPq0OiCSwFWaq7pXXjdtBTwg_UgPp2X3tkulrPnBlry1xpmBslrOZhFwmGWhhI0yT_cu_gQ_PUToh7uUccIZcnq8v_HEGKSFkDSqbr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OiCSwFWaq7pXXjdtBTwg_UgPp2X3tkulrPnBlry1xpmBslrOZhFwmGWhhI0yT_cu_gQ_PUToh7uUccIZcnq8v_HEGKSFkDSqbr HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 82

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1&google_push=AavPq0O9UUPXZO1vlMqAwjbWtpHrZ0RQjW5zUhXsgLhBrXpODvXzbDeYNmsQ9W53zLkJaoYWj0zTZgTT9aBcSUe5Wlrp3EDqqTLrOPre HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQxOTMzMzY3NzEyNTc1Mzc1MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1

Request Chain 83

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEe0M_1-BrWDZO2iJ4QY-lw&google_cver=1&google_push=AavPq0OX7lI7cBYVzC4BzZPSbvRx5s91zFikk7mTok0FDza9U2BRKhtFUZuA7mEhry5r9n3aTZ6lMD5UUPyayaoW0L3fxOj4NNhsuk8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OX7lI7cBYVzC4BzZPSbvRx5s91zFikk7mTok0FDza9U2BRKhtFUZuA7mEhry5r9n3aTZ6lMD5UUPyayaoW0L3fxOj4NNhsuk8&google_hm=eS1wOGV5Y25SRTJwR21jZ2lJd19WdVNpbWxyMFNETWhDY35B

Request Chain 84

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBF7TT30Q9acGBJYQHODR4I&google_cver=1&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6w2cNprvNde-r2_SEamaZc9ISD3 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBF7TT30Q9acGBJYQHODR4I&google_cver=1&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6w2cNprvNde-r2_SEamaZc9ISD3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM1MzY2MTk0MzU1MDMxMTA1NQ&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6w2cNprvNde-r2_SEamaZc9ISD3

Request Chain 85

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKQ0WBVww5dPt-DkHkr3kBw&google_cver=1&google_push=AavPq0PzgISebAfLQU4Bm2qXfLN81NiufqCv3UWx2mv6Yk4wd-AozUZYOghOvnbJhlonIy2jNZ1OXBfTbXpy1efrcW47mOo3R883KDDr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PzgISebAfLQU4Bm2qXfLN81NiufqCv3UWx2mv6Yk4wd-AozUZYOghOvnbJhlonIy2jNZ1OXBfTbXpy1efrcW47mOo3R883KDDr

Request Chain 86

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENFAKKEjCv_5PjtX2DAhBuU&google_cver=1&google_push=AavPq0PX2FIhjacOV4mACiCF8YWgcUTfRAnhIx1OdzVWUDOQbs5nTsLcqr1aZCFV3ODIXbzaMLfWMWnlYBkoZOaBfP-fDiz9mI271ZK- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PX2FIhjacOV4mACiCF8YWgcUTfRAnhIx1OdzVWUDOQbs5nTsLcqr1aZCFV3ODIXbzaMLfWMWnlYBkoZOaBfP-fDiz9mI271ZK-

Request Chain 87

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED4aY3c5nuhk63TijKFMCsM&google_cver=1&google_push=AavPq0Oofuo6hjDTvLEEDbRVbTstI9JcZumxF4MkpggGMKsvANJho57ngbk9GxldRRoR9CJ7FshWc5K9IuNwTXf4NOO4OMqQCVCcu75M HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESED4aY3c5nuhk63TijKFMCsM%26google_cver%3D1%26google_push%3DAavPq0Oofuo6hjDTvLEEDbRVbTstI9JcZumxF4MkpggGMKsvANJho57ngbk9GxldRRoR9CJ7FshWc5K9IuNwTXf4NOO4OMqQCVCcu75M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTcxNDc5MDA1OTYwNDc2Njk3&google_gid=CAESED4aY3c5nuhk63TijKFMCsM&google_cver=1&google_push=AavPq0Oofuo6hjDTvLEEDbRVbTstI9JcZumxF4MkpggGMKsvANJho57ngbk9GxldRRoR9CJ7FshWc5K9IuNwTXf4NOO4OMqQCVCcu75M

Request Chain 88

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKxK4SiQTKIOz3G-7dHZLxk&google_cver=1&google_push=AavPq0MVS_b5UlEngbp9H1AHTzBlmJRvAJ9PQZRhiPy_LG0SRlRFsfDZuPkZ6NfJlK5WWFNXby4w_cwlqhWVBI-J_zybFN-VkfQRzg5Wdg HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKxK4SiQTKIOz3G-7dHZLxk&google_cver=1&google_push=AavPq0MVS_b5UlEngbp9H1AHTzBlmJRvAJ9PQZRhiPy_LG0SRlRFsfDZuPkZ6NfJlK5WWFNXby4w_cwlqhWVBI-J_zybFN-VkfQRzg5Wdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%

Request Chain 91

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMW4eXOMAWDsuTA17xu4U&google_cver=1&google_push=AavPq0NXaCW1Bva36w1GRn7OFz3hot7PHNBU95mSX7TVvtp7eO-zsHeqmnfa8BINi_aOeGu7ZJHfJKmX0gt1lTxHWNHRW5-Zz33WSv_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM0NzI3NjA4MzA4NzgyNTgxNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1

Request Chain 93

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF0GginKXBatm-aRxRUzT9M&google_cver=1&google_push=AavPq0NZ8Z-DWO6B_yeuuKImWEZjbueDbREIonm3AmgrnNnIYz4UFiFKuj--IaLlSc-L3Iw6s_Bk1O3bSKjJe5UwoLOkn93oFgbFupMS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NZ8Z-DWO6B_yeuuKImWEZjbueDbREIonm3AmgrnNnIYz4UFiFKuj--IaLlSc-L3Iw6s_Bk1O3bSKjJe5UwoLOkn93oFgbFupMS&google_hm=zliBnwOJSISF-zHdpkye0GQ

Request Chain 94

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHvpe4CQCeIu3cDOE0r0ero&google_cver=1&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ9rFg8zUh-HNES82HnclVi3-8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHvpe4CQCeIu3cDOE0r0ero&google_cver=1&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ9rFg8zUh-HNES82HnclVi3-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyMDE1MDAxODkzODI5Mjg4&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ9rFg8zUh-HNES82HnclVi3-8

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIkAmXhJVu0nG-1Xxa83Bag&google_cver=1&google_push=AavPq0N5hRQMUkFbKwQ_eYR3x0lBqIbyZGyCblergZxmM_XJkoS2QqO7uN2Nkk9UZs_YQEOgiMhJrmgX6ZRL_ht34AvE4nL00Tl8Z78 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENRVDUxR0otMVMtMkpCQg==&google_push=AavPq0N5hRQMUkFbKwQ_eYR3x0lBqIbyZGyCblergZxmM_XJkoS2QqO7uN2Nkk9UZs_YQEOgiMhJrmgX6ZRL_ht34AvE4nL00Tl8Z78

Request Chain 97

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOCopsf53i5kKUbUi2yBdjM&google_cver=1&google_push=AavPq0MNgECxBL9zot2_BV-u0UQaq7m596mwiOd6-5_fw8gPk1d3s6PXcW_-HxuTNRO5NX2Az1ZqQGfPiVITDsM73-AUjQMZ1zuYcl9C8A HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOCopsf53i5kKUbUi2yBdjM&google_cver=1&google_push=AavPq0MNgECxBL9zot2_BV-u0UQaq7m596mwiOd6-5_fw8gPk1d3s6PXcW_-HxuTNRO5NX2Az1ZqQGfPiVITDsM73-AUjQMZ1zuYcl9C8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

106 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 a Show response
www.bing.com/ck/ 2 KB
2 KB 171ms
61ms Document
text/html 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/ck/a?!&&p=44a42965e9368d0aJmltdHM9MTY3MzMwODgwMCZpZ3VpZD0zYjU2ODk2ZS1hNmYwLTZiZjctMmIzYS05YmZlYTc0NDZhYTMmaW5zaWQ9NTE4NQ&ptn=3&hsh=3&fclid=3b56896e-a6f0-6bf7-2b3a-9bfea7446aa3&psq=jecontacte+&u=a1aHR0cHM6Ly93d3cuamVjb250YWN0ZS5jb20v&ntb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1a202582a4b0a18d10d0ed5acef0857ff4c4a71f1494667a19994d847636f233

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1173
content-type: text/html; charset=UTF-8
date: Tue, 10 Jan 2023 22:31:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F05B06EEDD7A47039D846908C967818B Ref B: FRA31EDGE0614 Ref C: 2023-01-10T22:31:35Z

GET
H2 200 Primary Request / Show response
www.jecontacte.com/ 56 KB
14 KB 874ms
233ms Document
text/html 52.4.80.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jecontacte.com/
Requested by: Host: www.bing.com
URL: https://www.bing.com/ck/a?!&&p=44a42965e9368d0aJmltdHM9MTY3MzMwODgwMCZpZ3VpZD0zYjU2ODk2ZS1hNmYwLTZiZjctMmIzYS05YmZlYTc0NDZhYTMmaW5zaWQ9NTE4NQ&ptn=3&hsh=3&fclid=3b56896e-a6f0-6bf7-2b3a-9bfea7446aa3&psq=jecontacte+&u=a1aHR0cHM6Ly93d3cuamVjb250YWN0ZS5jb20v&ntb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.80.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-80-147.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash: fd832901bb5530088cee5cab69cacbeb7e7a9f0de769c382b18e40a98caada3a

Request headers

Referer: https://www.bing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=iso-8859-1
date: Tue, 10 Jan 2023 22:31:36 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 145ms
50ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1368630-1

Requested by

Host: www.jecontacte.com
URL: https://www.jecontacte.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac8299a8f56fa0cc5e561f2288e10a6e3a6403c9c8a3cd9c851e8c84a91d47c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44818
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 22:31:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 222ms
99ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.jecontacte.com
URL: https://www.jecontacte.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49a0a2e36b940dbfb52c8d21f5381509f97265c349954c68448c7454d6c5b4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49357
x-xss-protection: 0
server: cafe
etag: 12474351234468263120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 22:31:36 GMT

GET
H2 200 215202864_1180615991.jpg
www.jecontacte.org/v3/A/r/a/vbth/ 9 KB
9 KB 496ms
78ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/A/r/a/vbth/215202864_1180615991.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0be6c9213ea3831b72c85f777472cb38477c74aac74037d30bfdcf6556f0bf2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 16:55:10 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2015 00:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 365788
etag: "7450f72692f1d501521b48a15089a3bd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8995
x-amz-cf-id: qv-3zek5ExZ1Bs3slOfUdqW3nJ1VzarsjX7dueznEBoXKQu7L_eCqQ==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 3748754381_1623154127.jpg
www.jecontacte.org/v3/j/e/m/vbth/ 8 KB
9 KB 528ms
111ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/j/e/m/vbth/3748754381_1623154127.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acc119d2de19b043673208b4781b7b2321af6347a3532ec8f5a298b14da03ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:25:48 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 12:09:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 993950
etag: "2d2a36246d576d8cc66b021b1b8c46bc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8584
x-amz-cf-id: V394DUMiFvhS3VOW03HSuJwxg8s2ExbjC93ERyjuNxcDVLlzaN_VUg==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 2232674480_1632673835.jpg
www.jecontacte.org/v3/J/e/a/vbth/ 7 KB
8 KB 517ms
99ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/J/e/a/vbth/2232674480_1632673835.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de69501c8963f46c35adfaf8cf4146fa051505c010f5ac639f8cae8fa0bf5683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 23:04:20 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Sun, 26 Sep 2021 16:31:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1466838
etag: "3368cc82ff655fb603ba59cced7907db"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7618
x-amz-cf-id: dxbIxXSXLhlBZMzDMqDvs4Qgi14SUF-DtoR6eY5IctC-wWK9hcJxzw==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 917466721_1672586527.jpg
www.jecontacte.org/v3/V/O/U/vbth/ 10 KB
10 KB 509ms
91ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/V/O/U/vbth/917466721_1672586527.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ea3f6b296783c77ef3b4c93f12de354db1b811e0038703a16bce2a44a091675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 08:54:22 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Sun, 01 Jan 2023 15:22:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 49036
etag: "e330517e3a08ffa0f15843aa067cd5c6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10328
x-amz-cf-id: f6l9mSBjzhGUBZZsTNbMP-Vcf6Gd-2fblS7AdENTTdckx-vHua5Q8g==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 1109285954_1398520968.jpg
www.jecontacte.org/v3/A/t/a/vbth/ 8 KB
8 KB 462ms
45ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/A/t/a/vbth/1109285954_1398520968.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b05f23e0e8157e44ba5202cd2ec7a29e36b3c8a444d7b37e7b25fe53af4f3bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 21:21:23 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2015 18:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4215
etag: "56a87aa7582539fded54eda34dee5f56"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8239
x-amz-cf-id: n5EFUjRXJ1RzYGc7jgCDLjDM6ZOiD60T1eyOIFqvIo3o0iiCD2LTeQ==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 2331763286_1671368857.jpg
www.jecontacte.org/v3/M/o/i/vbth/ 6 KB
7 KB 505ms
88ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/M/o/i/vbth/2331763286_1671368857.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed3e1a0aff05ef306f10b0326d813d72344f84a015aa94aa344def8f527219a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:43:11 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Sun, 18 Dec 2022 13:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1907307
etag: "e8a7b7443f7548c36ac32ee9f4f8a61e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6483
x-amz-cf-id: XN4-4m-XHoVLpC2JSkD6FAI85DdeL_ZBuszwmjQyt8a6YGRzGhM1AQ==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 1880358779_1645618901.jpg
www.jecontacte.org/v3/S/e/g/vbth/ 11 KB
11 KB 439ms
48ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/S/e/g/vbth/1880358779_1645618901.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db25f05e4b01bc0a7b54e7a5ba2536ea236bf2536a0b76e1b1462b20697c7867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 12:31:29 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 12:22:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 986409
etag: "2fbfe252b100554a21d30b2b027568a2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10763
x-amz-cf-id: UwpkuuTjOv1V-4Rio0xvld-cSuOytliLXQQ0AYnsn0hK4MjLFpJjhA==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 1997638035_1637007252.jpg
www.jecontacte.org/v3/N/i/k/vbth/ 6 KB
7 KB 443ms
51ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/N/i/k/vbth/1997638035_1637007252.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcaa811413cfda9857978a7adc853dbc806de87fd2434f9d01130857c9875815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 02:45:04 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 20:15:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 71194
etag: "c5c3ed024eca56eb7940f50295f78392"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6513
x-amz-cf-id: P6OVosqH9NDwatNKMDGPId6OhxjHgH0znx3ti5VARsQMXBRepWAJ_w==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 3046838855_1672623952.jpg
www.jecontacte.org/v3/N/o/u/vbth/ 7 KB
8 KB 482ms
90ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/N/o/u/vbth/3046838855_1672623952.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d761c591c964cfda7a471f59818fc65973c87209e743198dd6ca315fa5eba34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 21:36:22 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 01:46:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 694516
etag: "a40707e9c2dc7deeb90327212a6136c1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7518
x-amz-cf-id: 5LABSXBytMUW7Zbj-PM22kmxF_-b8qXvVkaCyd5Aidf6U16EM-O_MQ==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 3151439815_1609082310.jpg
www.jecontacte.org/v3/l/o/f/vbth/ 4 KB
5 KB 474ms
82ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/l/o/f/vbth/3151439815_1609082310.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 162ce28ae01cdf2bcc85b71e7b8ad919302e24773b80f49015e4a211dc306209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 22:49:50 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Sun, 27 Dec 2020 15:19:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 776508
etag: "ad4323c008b984aa87e99ce0c480af90"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4287
x-amz-cf-id: wmcfnkW0DXTxoanuT6cAB65ddpKCbwdctQwtWtTc_buS8UenJTbVCg==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 4881404696_1673292559.jpg
www.jecontacte.org/v3/B/r/o/vbth/ 10 KB
10 KB 434ms
42ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/B/r/o/vbth/4881404696_1673292559.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d230b2d57daca8d69e8997db95487293b8c195a9fb4a4beb798ac4c58415afae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:15:15 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 19:30:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 18983
etag: "c75d9acce98793662834bd95ce5129f2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10024
x-amz-cf-id: 1ZphdOd_xRwJzd3s76cuEdfvjWIjgi_SSR1cRrZHkbwDsRMOzhIDtw==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 3582480053_1672954600.jpg
www.jecontacte.org/v3/B/a/g/vbth/ 11 KB
11 KB 469ms
77ms Image
image/jpeg 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jecontacte.org/v3/B/a/g/vbth/3582480053_1672954600.jpg
Requested by: Host: www.jecontacte.com
URL: https://www.jecontacte.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3ce9d98399174a9d9ceb0776bc50e13b1ab64b2b6ff90c2ea91da964c6aa1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 07:22:31 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 21:37:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 313747
etag: "a0709a0c28481b7c8e60fe6f9a9ec85a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10942
x-amz-cf-id: HQ4kw38DrKftX2nNCyz8NMxPnVvcoIPaqe7OGVzRt1XIImIe6V64-g==
expires: Wed, 13 Nov 2030 21:55:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 206ms
37ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1368630-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Jan 2023 21:50:31 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2466
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 10 Jan 2023 23:50:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
67 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1059622270&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1368630-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65dde8fc25855c7b45c2eaa24f725a2bed8742af9e348eda8d8b3c4e3b6f7e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68148
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 22:31:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1059622270/ 2 KB
1 KB 253ms
110ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059622270/?random=1673389897082&cv=11&fst=1673389897082&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.jecontacte.com%2F&ref=https%3A%2F%2Fwww.bing.com%2F&tiba=Site%20de%20rencontre%20100%25%20gratuit%20%3A%20JeContacte.com&auid=851703274.1673389897&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1059622270&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

141d683de15ee9b6f8d1df493812bb8174a02257f4d4c1ff843ee8c10f79fb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050105/ 356 KB
117 KB 212ms
105ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050105/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0768570393367504&plah=www.jecontacte.com&bust=31071391

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c78fb238f4765fad72daefbafc7d75d50621da4e5db2e4659588be95d49c02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119976
x-xss-protection: 0
server: cafe
etag: 7659619087219448193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 22:31:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/ Frame 4218 10 KB
5 KB 161ms
50ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 19:43:19 GMT
etag: 10353107486223812946
expires: Tue, 24 Jan 2023 19:43:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
44ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1479401770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jecontacte.com%2F&dr=https%3A%2F%2Fwww.bing.com%2F&ul=en-us&de=windows-1252&dt=Site%20de%20rencontre%20100%25%20gratuit%20%3A%20JeContacte.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1986497629&gjid=1872033923&cid=1119813433.1673389897&tid=UA-1368630-1&_gid=267736512.1673389897&_r=1&gtm=2ou190&z=1225039817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jecontacte.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jecontacte.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1059622270/ 42 B
548 B 144ms
48ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1059622270/?random=1673389897082&cv=11&fst=1673388000000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.jecontacte.com%2F&ref=https%3A%2F%2Fwww.bing.com%2F&tiba=Site%20de%20rencontre%20100%25%20gratuit%20%3A%20JeContacte.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2587418475&rmt_tld=0&ipr=y

Requested by

Host: www.jecontacte.com
URL: https://www.jecontacte.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1059622270/ 42 B
548 B 198ms
75ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1059622270/?random=1673389897082&cv=11&fst=1673388000000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.jecontacte.com%2F&ref=https%3A%2F%2Fwww.bing.com%2F&tiba=Site%20de%20rencontre%20100%25%20gratuit%20%3A%20JeContacte.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2587418475&rmt_tld=1&ipr=y

Requested by

Host: www.jecontacte.com
URL: https://www.jecontacte.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
701 B 154ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jecontacte.com&callback=_gfp_s_&client=ca-pub-0768570393367504&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050105/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0768570393367504&plah=www.jecontacte.com&bust=31071391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56b6884a8839e12951c695efcc41e31a27abfac707e5dd6588a9032268ca96c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 189ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jecontacte.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jecontacte.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE71 101 KB
35 KB 678ms
573ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=8699540398&adk=4088513138&adf=665541955&pi=t.ma~as.8699540398&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897106&bpp=4&bdt=421&idt=342&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&correlator=8021824300222&frm=20&pv=2&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S3ALRPrrXv&p=https%3A//www.jecontacte.com&dtd=355

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aef984b9d4fa8c0a3de108947a79c6d0bae156971c0fc7426692baa679634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35655
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:38 GMT
expires: Tue, 10 Jan 2023 22:31:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0551 98 KB
35 KB 593ms
494ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

667f1ede70b5aa19559bec6550f522ac8e02d540633c671e0c558bf894925eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35654
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:37 GMT
expires: Tue, 10 Jan 2023 22:31:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABEF 101 KB
35 KB 586ms
491ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

488f3df1f027c15bea4d1a3ba8f8a7b6dcd4743bb16df4e53ba274036327f043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35468
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:37 GMT
expires: Tue, 10 Jan 2023 22:31:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 83ms
82ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jecontacte.com%2F&tn=DIV&id=cookie_warning&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.jecontacte.com
URL: https://www.jecontacte.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBB0 0
20 B 158ms
76ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&adk=2818083618&adf=1452423409&lmt=1673389897&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.jecontacte.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897124&bpp=1&bdt=440&idt=353&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C998x280&nras=1&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=361

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:37 GMT
expires: Tue, 10 Jan 2023 22:31:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame ABEF 8 KB
1 KB 201ms
74ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 21:59:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame ABEF 2 KB
846 B 195ms
94ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame ABEF 22 KB
9 KB 140ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 22:39:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame ABEF 3 KB
1 KB 249ms
159ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 20:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 20:33:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame ABEF 18 KB
7 KB 144ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:42:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ABEF 0
0 123ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsirbA3XwGdXMuuj6Jz3dG47a546RNGEf5_DDI39NhPBQllPFDnM45XkEcW_Dm-ey-ELaTK-HtogkY1R_eTPm-PiqHUQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABEF 156 KB
48 KB 134ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H2 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame ABEF 33 KB
14 KB 181ms
56ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 12:12:53 GMT

GET
H2 200 7d0b7188506749bb068f2c695a7a947e.js Show response
www.gstatic.com/mysidia/ Frame 0551 9 KB
5 KB 180ms
51ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d0b7188506749bb068f2c695a7a947e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4667dba2a203d28710eb217ab0f81b8b573affebdc0b75403feac41f90f5ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4224
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 06:32:53 GMT

GET
H2 200 7ccdca65462086e0026c8c8b2d8a241a.js Show response
www.gstatic.com/mysidia/ Frame 0551 10 KB
4 KB 181ms
52ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7ccdca65462086e0026c8c8b2d8a241a.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71adc001e72831a0b0cfbf8207a5738d538c47462a524cfabd7844e3fbe29d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4484
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 06:32:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0551 8 KB
968 B 192ms
76ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 21:59:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABEF 0
0 96ms
96ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM0OxSee9Y5S9Jvqs7APmlYuYDI6NlZ5ut9XtwvsN3dkeEAEgtozlCGCVgoCAmAegAdWY8O4DyAEJqQLdfKK0EAKyPqgDAcgDywSqBNUBT9DBaJCKmV5XpuBf4ElMFq6_b2RpQnJ6JXIVAPXEh32fpBMlkYWYgHJbhCj1u0AN0-Wif24ScKGdv654ts7Rdz3P0oPzQTvuO4OW8Y5E1wsAOD7m82XMID7dy1PKtqNirHRTJa_WccbBDC6PY0eGw07rmag1E3HxuBubAkNgbZPs10vyXnGdXvaG1mrClPj8vWq6lcDYtqh6NxzPVRVRf4fejiApOdwSwOAsULhf72PwrEJTaJge5QgBK6lNAXZc0reTyk7gwR3IF-ikyhVBC8lw61sRwATvu_DIXJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeT548RqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQj0_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNzY4NTcwMzkzMzY3NTA0GAA&sigh=P54hMxLLYpw&uach_m=[UACH]&cid=CAQSKQDq26N9_hXva--v1OnPtMmmER0qcJJTQZlNkBtSlPe6RiehD2tS1QSyGAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Jan 2023 22:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2679435792022759702/ Frame ABEF 66 KB
66 KB 180ms
94ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2679435792022759702/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfbc3c8fa4a363800a5d350ac3e637eb8d2db49ef3085b4259f58fa47857d19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:17:17 GMT
x-content-type-options: nosniff
age: 393261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67568
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:54:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jan 2024 09:17:17 GMT

GET
DATA 200
OK truncated
/ Frame ABEF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ABEF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 0551 2 KB
765 B 121ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 0551 22 KB
9 KB 96ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 22:39:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 0551 3 KB
1 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 20:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 20:33:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 0551 18 KB
7 KB 122ms
75ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:42:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0551 0
0 52ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcQGtfm5XjYxFIvOyJhxjZPwtQLS1RRjqFEyyVcTyG7-efCosU2vsWkNrXtKDP5DIS3H25pHAVnwCATCIjgN7EvgvY9Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0551 156 KB
48 KB 127ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame 0551 33 KB
14 KB 168ms
50ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 12:12:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EE71 8 KB
968 B 121ms
75ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=8699540398&adk=4088513138&adf=665541955&pi=t.ma~as.8699540398&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897106&bpp=4&bdt=421&idt=342&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&correlator=8021824300222&frm=20&pv=2&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S3ALRPrrXv&p=https%3A//www.jecontacte.com&dtd=355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 22:01:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame EE71 2 KB
799 B 173ms
160ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:44:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE71 0
0 94ms
94ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVgJ_See9Y8W2JbOirATt6KHwDI6NlZ5ut9XtwvsN3dkeEAEgtozlCGCVgoCAmAegAdWY8O4DyAEJqQLdfKK0EAKyPqgDAcgDywSqBNIBT9AQGcrTkMXSiG_Z6TsGBilqtNEmrLFIYmyoLLy5qAaJW_jZPt4dmb5_PYrsq6LdxAmeXVQ01NzjFEHXMMFKrPsUZEuYuSulGwD8WSd04OmZGAKWIPJBaahhi26jM29jHgrUy9BHdxO-4l4_alSJDx9lEKL6mUYZnOqiD5tcXGljjWuLXpBGQp-Nf51PbEQeNcfN0HCrw6y-GheXrff4bmoFtKtEAR-niFZ6wXcJQtVdnTZ00m8bKV3DQdl_O8bWkxcnqmQt0sSF-sdV3K3VgC-NwATvu_DIXJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeT548RqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ65UD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMDc2ODU3MDM5MzM2NzUwNBgA&sigh=g94WRWX4taA&uach_m=[UACH]&cid=CAQSKQDq26N98PPoNRpJVQtzOoybVNph1XlLRCOVyJAZgERdCQJ7dWHzIQlgGAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=8699540398&adk=4088513138&adf=665541955&pi=t.ma~as.8699540398&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897106&bpp=4&bdt=421&idt=342&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&correlator=8021824300222&frm=20&pv=2&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S3ALRPrrXv&p=https%3A//www.jecontacte.com&dtd=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Jan 2023 22:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame EE71 22 KB
9 KB 87ms
79ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 22:39:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame EE71 3 KB
1 KB 168ms
161ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 20:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 20:33:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame EE71 18 KB
7 KB 92ms
87ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 18:42:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EE71 0
0 48ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJT8pfu3rvbdqM3LjqQV4j57Lz63a4wlQkDYPBzuKDNHw3sRJsHXOMNRbWsnrvwuCNLR_eBrVf0H-59U2tBKV1U-OAmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=8699540398&adk=4088513138&adf=665541955&pi=t.ma~as.8699540398&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897106&bpp=4&bdt=421&idt=342&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&correlator=8021824300222&frm=20&pv=2&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S3ALRPrrXv&p=https%3A//www.jecontacte.com&dtd=355
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE71 156 KB
48 KB 105ms
101ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48956
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673267917225388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H2 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame EE71 33 KB
14 KB 138ms
98ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 12:12:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2679435792022759702/ Frame EE71 66 KB
66 KB 131ms
131ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2679435792022759702/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfbc3c8fa4a363800a5d350ac3e637eb8d2db49ef3085b4259f58fa47857d19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:17:17 GMT
x-content-type-options: nosniff
age: 393261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67568
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:54:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jan 2024 09:17:17 GMT

GET
DATA 200
OK truncated
/ Frame EE71 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE71 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6BE7 1 KB
643 B 54ms
54ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Wed, 11 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ABEF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f4e5fc6ae7bf56e7c0dabebe1f2b1a7c7af1eeb8064119566a1540e40c0a60a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C32 1 KB
643 B 72ms
59ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Wed, 11 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0551 0
0 96ms
95ms Fetch
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ7_tSee9Y7_CJfaSjuwP8Nu16A-L9dWTa-fm9cqLEc6Cz4aPDhABILaM5QhglYKAgJgHoAGpgsiTKMgBAakC3XyitBACsj6oAwHIA8MEqgTIAU_QMRYSbHqvgOooUv4J1b_wtYdeWZtA2vrxq9bQ65i2SedjLbAw9SKgvnH6bpr1R9-hkq62tODrkdxyjYjKDu12lGIJmiVYmhM3GxlB_tU8peRBt1jCgHKAcAAvD0o6PsD4_PONPh14N037TvdX5JwPFVqbX288b12TVuyGPYOizsvk8T_nXN3O1xTTf8NC8RZFN8xCd34XYgE-RxdhqTYP6M9Ymp5ugI7wn1J2PDFONJbwGfAmXqzltvRsryjCbHTGWsId34x0wASN_pT49AOSBQQIBBgBkgUECAUYBKAGZoAHqbqY8wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCtYNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTA3Njg1NzAzOTMzNjc1MDQYAA&sigh=jKTNi-GGrPQ&uach_m=[UACH]&cid=CAQSKQDq26N9a8I0FUgtfqwZm8tQujcesLHtcLnN83odnn-V4qvvlZ_HjslZGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Jan 2023 22:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 596A 143 B
166 B 52ms
51ms Document
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 21:43:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0344 1 KB
643 B 52ms
51ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Wed, 11 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE71 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f154d77e3c08b7233e2fb2686a780a82ddc96a50a14eb92e9e405862d9b66dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0551 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16991c9a270f0ed72c8286683d77f30b8cda55b62c04c2ca47d961893635c539

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6BE7 0
104 B 225ms
78ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECgvuxFrfwaQZJaWig4jaAQ&google_cver=1&google_push=AavPq0Py7DqfUemAFVtt89qbm4QiMLfTyk89VBckDHd7guQlYO_Hn7E9Ua8AMbkOwS5HSRS2VgSwerIKh_MCuxoi_JCBcLaMveI3OZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6BE7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECFXbUq5I7G9AyUGH6iSTuo&google_cver=1&google_push=AavPq0MBrG0V8tVrkSGn_wcilaKidKZIG26lHhCmAdAZgJeDL-kA4wwHdfnh61ERcrN4bJ3zlhBdKFQKHCopJqRjRHCZ_nLPLMIKnB4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40CA2855E14E4E5DA99A6787B256327B&google_push=AavPq0MBrG0V8tVrkSGn_wcilaKidKZIG26lHhCmAdAZgJeDL-kA4wwHdfnh61ERcrN4bJ3zlhBdKFQKHCopJqR...

170 B
232 B

74ms
74ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40CA2855E14E4E5DA99A6787B256327B&google_push=AavPq0MBrG0V8tVrkSGn_wcilaKidKZIG26lHhCmAdAZgJeDL-kA4wwHdfnh61ERcrN4bJ3zlhBdKFQKHCopJqRjRHCZ_nLPLMIKnB4

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Jan 2023 22:31:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40CA2855E14E4E5DA99A6787B256327B&google_push=AavPq0MBrG0V8tVrkSGn_wcilaKidKZIG26lHhCmAdAZgJeDL-kA4wwHdfnh61ERcrN4bJ3zlhBdKFQKHCopJqRjRHCZ_nLPLMIKnB4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 09 Jan 2023 22:31:38 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6BE7 70 B
265 B 202ms
58ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIGhW9akPT80LFwA_nYx3QY&google_cver=1&google_push=AavPq0O6K-SZytYGyRuBl8pZ9sPvNcx2izLHfB4N5MAuHXL3jE9dmnqgFYgCNIdzakaJ502vY55qYcMLzCjWvReDAApnB8JYKHahNVU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BE7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMfidxNPgoKTb7QrbHcbYcQ&google_cver=1&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0w...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMfidxNPgoKTb7QrbHcbYcQ&google_cver=1&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0wF3I-MKg0

170 B
188 B

170ms
74ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0wF3I-MKg0

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PFWznvt0FmbUadeLam42q3s5gGjBr2FxpmpbvJElhBJtQZvCe4QsYCPBKQv1SUKVASAyBfLK1ADvVSvLz0FP-uW0wF3I-MKg0
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6BE7
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELUg4-AXXIK8VLMAR4dD9p0&google_cver=1&google_push=AavPq0PKI20wG2g8iXR67Yli9OdLxvscvNMB9fBrRvcAWH8MlZc2idcDjc-boAf0uSGOrJwvIiKQF8ShMt2SjUW_...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PKI20wG2g8iXR67Yli9OdLxvscvNMB9fBrRvcAWH8MlZc2idcDjc-boAf0uSGOrJwvIiKQF8ShMt2SjUW_SixUz2u1Pe9XhYM

170 B
232 B

84ms
75ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PKI20wG2g8iXR67Yli9OdLxvscvNMB9fBrRvcAWH8MlZc2idcDjc-boAf0uSGOrJwvIiKQF8ShMt2SjUW_SixUz2u1Pe9XhYM

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Jan 2023 22:31:38 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PKI20wG2g8iXR67Yli9OdLxvscvNMB9fBrRvcAWH8MlZc2idcDjc-boAf0uSGOrJwvIiKQF8ShMt2SjUW_SixUz2u1Pe9XhYM
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Qv-2mOlqthD3log5iJ4_2Tmt1BJvV08PRycfypXNilTXWbWbeEKklw==

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 6BE7 0
44 B 320ms
48ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMirnWhIaS8a5d0w1zttyNk&google_cver=1&google_push=AavPq0PVhmD8SpbXoW_sOItyJzhJ-NU-id6dGUtVxDRM_OBM0onFQtq5AIiWJtVgUKdplUEXtaycNyCAfX_vYOWmy4MAkQCy6XLxmYg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=6825854396&adk=1871335361&adf=2863206370&pi=t.ma~as.6825854396&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897111&bpp=1&bdt=426&idt=360&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=2289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=DVGqCrIWhN&p=https%3A//www.jecontacte.com&dtd=362
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:37 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 6BE7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFJG2Ya9zOF4fIlxvE4JIfw&google_cver=1&google_push=AavPq0OiCSwFWaq7pXXjdtBTwg_UgPp2X3tkulrPnBlry1xpmBslrOZhFwmGWhhI0yT_cu_gQ_PUToh7uUc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OiCSwFWaq7pXXjdtBTwg_UgPp2X3tkulrPnBlry1xpmBslrOZhFwmGWhhI0yT_cu_gQ_PUToh7uUccIZcnq8v_HEGKSFkDSqbr
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

39ms
38ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6BE7 0
223 B 212ms
71ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkHH5EHp06oOBccz6scjt_jMaAGYniuCgz7BzEuFSmmeqFT9eRSF5o8GpDBnLVzU9rwa7Waw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame ABEF 28 KB
28 KB 176ms
52ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:38:02 GMT
x-content-type-options: nosniff
age: 525216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:38:02 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6C32
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1&google_push=AavPq0O9UUPXZO1vlMqAwjbWtpHrZ0RQjW5zUhXsgLhBrXpODvXzbDeYNmsQ9W53zLkJaoYWj0zTZgTT9aBcSUe5Wlrp3EDqqTLrOPre
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQxOTMzMzY3NzEyNTc1Mzc1MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1

43 B
398 B

47ms
47ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C32
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEe0M_1-BrWDZO2iJ4QY-lw&google_cver=1&google_push=AavPq0OX7lI7cBYVzC4BzZPSbvRx5s91zFikk7mTok0FDza9U2BRKhtFUZuA7mEhry5r9n3aTZ6lMD5UUPyayaoW0L3fxOj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OX7lI7cBYVzC4BzZPSbvRx5s91zFikk7mTok0FDza9U2BRKhtFUZuA7mEhry5r9n3aTZ6lMD5UUPyayaoW0L3fxOj4NNhsuk8&google_hm=eS1wOGV5Y25SRTJwR21...

170 B
188 B

110ms
76ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OX7lI7cBYVzC4BzZPSbvRx5s91zFikk7mTok0FDza9U2BRKhtFUZuA7mEhry5r9n3aTZ6lMD5UUPyayaoW0L3fxOj4NNhsuk8&google_hm=eS1wOGV5Y25SRTJwR21jZ2lJd19WdVNpbWxyMFNETWhDY35B

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Jan 2023 22:31:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OX7lI7cBYVzC4BzZPSbvRx5s91zFikk7mTok0FDza9U2BRKhtFUZuA7mEhry5r9n3aTZ6lMD5UUPyayaoW0L3fxOj4NNhsuk8&google_hm=eS1wOGV5Y25SRTJwR21jZ2lJd19WdVNpbWxyMFNETWhDY35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C32
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBF7TT30Q9acGBJYQHODR4I&google_cver=1&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6w2...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBF7TT30Q9acGBJYQHODR4I&google_cver=1&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM1MzY2MTk0MzU1MDMxMTA1NQ&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6...

170 B
188 B

73ms
73ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM1MzY2MTk0MzU1MDMxMTA1NQ&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6w2cNprvNde-r2_SEamaZc9ISD3

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM1MzY2MTk0MzU1MDMxMTA1NQ&google_push=AavPq0Oq6T3gFqzJDEIvL2gja2b6qG7QoAsdmq_CLscFztzi0ywtexUT5x3Blwq_M8Vm8cCme_n4A6w2cNprvNde-r2_SEamaZc9ISD3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C32
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKQ0WBVww5dPt-DkHkr3kBw&google_cver=1&google_push=AavPq0PzgISebAfLQU4Bm2qXfLN81NiufqCv3UWx2mv6Yk4wd-AozUZYOghOvnbJhlonIy2jNZ1OXBfTbXpy1efr...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PzgISebAfLQU4Bm2qXfLN81NiufqCv3UWx2mv6Yk4wd-AozUZYOghOvnbJhlonIy2jNZ1OXBfTbXpy1efrcW47mOo3R883KDDr

170 B
329 B

83ms
74ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PzgISebAfLQU4Bm2qXfLN81NiufqCv3UWx2mv6Yk4wd-AozUZYOghOvnbJhlonIy2jNZ1OXBfTbXpy1efrcW47mOo3R883KDDr

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Jan 2023 22:31:38 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PzgISebAfLQU4Bm2qXfLN81NiufqCv3UWx2mv6Yk4wd-AozUZYOghOvnbJhlonIy2jNZ1OXBfTbXpy1efrcW47mOo3R883KDDr
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: BKuxIdh1uPn8zupboLt8btaHqF1kuGliYb8i0PNkdgiQJEPhO-tayA==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C32
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENFAKKEjCv_5PjtX2DAhBuU&google_cver=1&google_push=AavPq0PX2FIhjacOV4mACiCF8YWgcUTfRAnhIx1OdzVWUDOQbs5nTsLcqr1aZCFV3ODIXbzaMLfWMWnlYBko...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PX2FIhjacOV4mACiCF8YWgcUTfRAnhIx1OdzVWUDOQbs5nTsLcqr1aZCFV3ODIXbzaMLfWMWnlYBkoZOaBfP-fDiz9mI271ZK-

170 B
232 B

74ms
73ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PX2FIhjacOV4mACiCF8YWgcUTfRAnhIx1OdzVWUDOQbs5nTsLcqr1aZCFV3ODIXbzaMLfWMWnlYBkoZOaBfP-fDiz9mI271ZK-

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PX2FIhjacOV4mACiCF8YWgcUTfRAnhIx1OdzVWUDOQbs5nTsLcqr1aZCFV3ODIXbzaMLfWMWnlYBkoZOaBfP-fDiz9mI271ZK-
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C32
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESED4aY3c5nuhk63TijKFMCsM&google_cver=1&google_push=AavPq0Oofuo6hjDTv...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESED4aY3c5nuhk63TijKFMCsM%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTcxNDc5MDA1OTYwNDc2Njk3&google_gid=CAESED4aY3c5nuhk63TijKFMCsM&google_cver=1&google_push=AavPq0Oofuo6hjDTvLEEDbRVbTstI9JcZumxF4Mkpg...

170 B
188 B

74ms
74ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTcxNDc5MDA1OTYwNDc2Njk3&google_gid=CAESED4aY3c5nuhk63TijKFMCsM&google_cver=1&google_push=AavPq0Oofuo6hjDTvLEEDbRVbTstI9JcZumxF4MkpggGMKsvANJho57ngbk9GxldRRoR9CJ7FshWc5K9IuNwTXf4NOO4OMqQCVCcu75M

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 10 Jan 2023 22:31:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.100; 80.255.7.100; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1026d14a-ae37-4641-80e0-630ae74b5e27
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTcxNDc5MDA1OTYwNDc2Njk3&google_gid=CAESED4aY3c5nuhk63TijKFMCsM&google_cver=1&google_push=AavPq0Oofuo6hjDTvLEEDbRVbTstI9JcZumxF4MkpggGMKsvANJho57ngbk9GxldRRoR9CJ7FshWc5K9IuNwTXf4NOO4OMqQCVCcu75M
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C32
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKxK4SiQT...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKx...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

73ms
73ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%
date: Tue, 10 Jan 2023 22:31:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C32 0
40 B 125ms
72ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVeO-Cez-xEtlhphQLMIP715Qx1ItkZAIDriloxVSiDU2Mptg3TZ-PIkAUaz3t15u_2npVSHs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EE71 28 KB
28 KB 207ms
134ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:38:02 GMT
x-content-type-options: nosniff
age: 525216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:38:02 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0344
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMW4eXOMAWDsuTA17xu4U&google_cver=1&google_push=AavPq0NXaCW1Bva36w1GRn7OFz3hot7PHNBU95mSX7TVvtp7eO-zsHeqmnfa8BINi_aOeGu7ZJHfJKmX0gt1lTxHWNHRW5-Zz33WSv_Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM0NzI3NjA4MzA4NzgyNTgxNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1

43 B
398 B

48ms
47ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 10 Jan 2023 22:31:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBsFDGm8FWx4mHhnD5GgHwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 0344 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0344
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF0GginKXBatm-aRxRUzT9M&google_cver=1&google_push=AavPq0NZ8Z-DWO6B_yeuuKImWEZjbueDbREIonm3AmgrnNnIYz4UFiFKuj--IaLlSc-L3Iw6s_Bk1O3bSKj...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NZ8Z-DWO6B_yeuuKImWEZjbueDbREIonm3AmgrnNnIYz4UFiFKuj--IaLlSc-L3Iw6s_Bk1O3bSKjJe5UwoLOkn93oFgbFupMS&google_hm=zliBnwOJSISF-zHd...

170 B
188 B

176ms
73ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NZ8Z-DWO6B_yeuuKImWEZjbueDbREIonm3AmgrnNnIYz4UFiFKuj--IaLlSc-L3Iw6s_Bk1O3bSKjJe5UwoLOkn93oFgbFupMS&google_hm=zliBnwOJSISF-zHdpkye0GQ

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NZ8Z-DWO6B_yeuuKImWEZjbueDbREIonm3AmgrnNnIYz4UFiFKuj--IaLlSc-L3Iw6s_Bk1O3bSKjJe5UwoLOkn93oFgbFupMS&google_hm=zliBnwOJSISF-zHdpkye0GQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0344
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHvpe4CQCeIu3cDOE0r0ero&google_cver=1&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHvpe4CQCeIu3cDOE0r0ero&google_cver=1&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qf...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyMDE1MDAxODkzODI5Mjg4&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ...

170 B
188 B

75ms
75ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyMDE1MDAxODkzODI5Mjg4&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ9rFg8zUh-HNES82HnclVi3-8

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyMDE1MDAxODkzODI5Mjg4&google_push=AavPq0NY1ZdJnOyQ1LmJiHhmbAngSPsW1-6P265Xsz8_SM5UOa_TroSUAH8E8VMpByaIr7sS_qfl1nbZ9rFg8zUh-HNES82HnclVi3-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0344
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIkAmXhJVu0nG-1Xxa83Bag&google_cver=1&google_push=AavPq0N5hRQMUkFbKwQ_eYR3x0lBqIbyZGyCblergZxmM_XJkoS2QqO7uN2Nkk9UZs_YQEOgiMh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENRVDUxR0otMVMtMkpCQg==&google_push=AavPq0N5hRQMUkFbKwQ_eYR3x0lBqIbyZGyCblergZxmM_XJkoS2QqO7uN2Nkk9UZs_YQEOgiMhJrmgX6ZRL_ht34AvE4nL00Tl8Z78

170 B
188 B

73ms
73ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENRVDUxR0otMVMtMkpCQg==&google_push=AavPq0N5hRQMUkFbKwQ_eYR3x0lBqIbyZGyCblergZxmM_XJkoS2QqO7uN2Nkk9UZs_YQEOgiMhJrmgX6ZRL_ht34AvE4nL00Tl8Z78

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENRVDUxR0otMVMtMkpCQg==&google_push=AavPq0N5hRQMUkFbKwQ_eYR3x0lBqIbyZGyCblergZxmM_XJkoS2QqO7uN2Nkk9UZs_YQEOgiMhJrmgX6ZRL_ht34AvE4nL00Tl8Z78
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 0344 0
45 B 229ms
48ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEI2rlLOOTLS0sK2_WBqNHJo&google_cver=1&google_push=AavPq0PtJ0bgelP1iZR8FZ3vH6s1Lo9F6RkGFoQXKmwmzAwbY0uZc2U0zcWM00b3J3P-GN4YRVMqOOVDNmlQkHhPayK6qfWDUJHF0FI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0768570393367504&output=html&h=280&slotname=9779320795&adk=1270934711&adf=4009394036&pi=t.ma~as.9779320795&w=998&fwrn=4&fwrnh=100&lmt=1673389897&rafmt=1&format=998x280&url=https%3A%2F%2Fwww.jecontacte.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673389897110&bpp=1&bdt=426&idt=356&shv=r20230109&mjsv=m202212050105&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=8021824300222&frm=20&pv=1&ga_vid=1119813433.1673389897&ga_sid=1673389897&ga_hid=1479401770&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071391%2C21065724&oid=2&pvsid=2722272760451783&tmod=1685845404&uas=0&nvt=1&ref=https%3A%2F%2Fwww.bing.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IHMslEwuj9&p=https%3A//www.jecontacte.com&dtd=358
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0344
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOCopsf53...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOC...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

74ms
74ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d2200e03-95e9-49d0-a771-5fd2e244daff&%%GOOGLE_PUSH_PAIR%%
date: Tue, 10 Jan 2023 22:31:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0344 0
49 B 122ms
72ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8XuH5ktTJWmKcD8SsGroQoKRl77q9ZWrCOzdgBO9cF7a5QHFHavh_3LU0Y3EMOgqcW3OrmA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 596A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
72ms

Document
text/html

2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:38 GMT
expires: Tue, 10 Jan 2023 22:31:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0551 28 KB
28 KB 151ms
106ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:38:02 GMT
x-content-type-options: nosniff
age: 525216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:38:02 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame CA05 36 KB
16 KB 51ms
50ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:03:30 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 31BE 36 KB
16 KB 51ms
50ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:03:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 198ms
96ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd12751232112954182ced2584019d965967307d96b59ceb83093d2ef1e80bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10975
x-xss-protection: 0

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4317 36 KB
16 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:03:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 22:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 22:31:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C29F 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 21:44:28 GMT
expires: Wed, 10 Jan 2024 21:44:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10D6 783 B
536 B 48ms
48ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6aef1352c7d2a0364655b2517d7656db749802ba6e22123a65027c972a3bea5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xoU4X8qWjnx-GDDqznD3Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jecontacte.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xoU4X8qWjnx-GDDqznD3Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 22:31:38 GMT
expires: Tue, 10 Jan 2023 22:31:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame C29F 36 KB
16 KB 51ms
50ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:03:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10D6 0
0 83ms
82ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230109&jk=2722272760451783&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
87ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230109&jk=2722272760451783&bg=!2dql2p7NAAYDMoyoIzI7ACkAdvg8WnaYPbhfngmampAKMJwozb_nSKdJiyehYPMqfLREiwKl1nz8kgIAAABLUgAAAANoAQeZAp4TWxQ5suMmqTojuEN0cXCFDRoNpUbkLEfwCaF9B8Xxki1U5yqqxeBDtQit5bWdr1D090E9tqEswGSsOu_I3-8G_J2iPBXFxopzh2p5ihxBlzDcuaAiOTTyYxHRfsv2Z9Bp3V-vyUtl5bMim4c3vgDBc7W8KqFpDooqzjgfbT1LEYvp77civU600w5maBr73EKzs67bkRJxSE-C0_PlU2ecBMIAKe8I-eOZBSaehUXeMx3dDZNN1L8Efg8J2ma9L-64unlWDs-6zoE4HqxzLvpW8NX8ESgJnm-sFaBHREbVupC9vXZQDvEw3i3-_6NrRweYDHcRuybSJ17wmLOskcLUGF5XpFzubW77P6Vkui5JidJBo-ETZwRXfoVetPSnUFnhNlF2RlcQ8Y9kRT2WfkPG-jQ4nPsFxyHM-OyhFwT7ditimfP7ZQM4stkf278VSSvZFLtyUlKW5fkKd6J--NdlKtAVBQlszy6xGq0BR5R5ZLm8iWN2qrfOXsB85bKuvZr6vbpGkRfcqqXwEL6Q2NXFLpGVNEMCphG60ifILhvr6bq69P_R3GxofT7YHELXJkIXwdCXaVWO1oSGglI_3h_fcuf_rhCNuT9de_QEqZ_hef4O6z849guwdDNKoMBch3aoAStWGqoJULiRIOlLhoPYBc4ProJcCcJIxLCUI7V21PJ_LnPuvvtyr2_awNh_rlahh9W6y3uBWdcgESCT91tD2Va2BqB0qmxqpvfT_aBQ1pUV9jWCKlSKi2SGnHZkVAi8qqrjcZch3iP5pivUvxCOANQRBVsj8rYPEjT1T8pCe5bE2zOmATnmNH6wHpfkP9-vlnLPPII2D1wx1Tg7XmQ2p2Pl6ftIlbXpJBk3TXvjZMNzaC-tkUM7nthMeePZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jecontacte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE71 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH7MUhSwZn1IoCLkt6OOGz88zqvmOlOukeT8XRse8XsAODlTWNmMJmxa10E95DX3KdhyPlIJBnRjWcKnE1f8th9kf5ZHs0fzO98mNHFUveV2qCmf8To_jHs5tIx6oL8fydWMR8Ug&sai=AMfl-YTiPblWnotMUbn5pbrnHNNLg6wDc9iHFFImgMZ3X9x6aFb_dng3ssbMOQS1s3bfH5L7bUU9wLn8FPbJqmYVLV4ObU-1UIuy0jiHMA&sig=Cg0ArKJSzMFk1PTHZ01zEAE&cid=CAQSKQDq26N98PPoNRpJVQtzOoybVNph1XlLRCOVyJAZgERdCQJ7dWHzIQlgGAEgEw&id=lidar2&mcvt=1000&p=0,0,280,998&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4088513138&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673389897463&rpt=1210&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 22:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN2JlJo2MVSDlYxYmuJm6SU&google_cver=1&google_push=AavPq0M3RRV4CfPwEev0iu9hKC8kURWMta21EqXUlebo7wGLF-Zva163f5aEjeVuIyv_SKSH3dCskUzbR3lRMWuQ-Hgu-h7F5X5GuHB9

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jecontacte.com/	1970-01-20 08:59:54	Name: cookie_consent Value: warning
.jecontacte.com/	1970-01-20 10:59:25	Name: ref Value: https%3A%2F%2Fwww.bing.com%2F
.jecontacte.com/	1970-01-20 10:59:25	Name: _gcl_au Value: 1.1.851703274.1673389897
.jecontacte.com/	1970-01-20 18:25:49	Name: _ga Value: GA1.2.1119813433.1673389897
.jecontacte.com/	1970-01-20 08:51:16	Name: _gid Value: GA1.2.267736512.1673389897
.jecontacte.com/	1970-01-20 08:49:49	Name: _gat_gtag_UA_1368630_1 Value: 1
.jecontacte.com/	1970-01-20 18:11:25	Name: __gads Value: ID=9a5bc5b367641ff7-22a761553ddb0084:T=1673389897:RT=1673389897:S=ALNI_MZengr6Y8uNj5p5_sW3eRXQVjEKBQ
.jecontacte.com/	1970-01-20 18:11:25	Name: __gpi Value: UID=00000bbe35fd0079:T=1673389897:RT=1673389897:S=ALNI_MZ7BAF4rZSRcKEhBXa3rN4fGGxyYA
.doubleclick.net/	1970-01-20 18:11:25	Name: IDE Value: AHWqTUkhzhGCjWXz0aCn_BKu4jQxtphqOHvpSRspFl6vMfRGQDBLRdnYs6XqzZ95S80
.simpli.fi/	1970-01-20 17:36:52	Name: suid Value: 40CA2855E14E4E5DA99A6787B256327B
.de17a.com/	1970-01-20 17:28:13	Name: guid Value: 1.3895349616060192890
.doubleclick.net/	1970-01-20 08:49:53	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 17:35:25	Name: gid_CAESEF0GginKXBatm-aRxRUzT9M Value: 1
.ctnsnet.com/	1970-01-20 17:35:25	Name: cid_ce58819f0389488485fb31dda64c9ed0 Value: 1
.adform.net/	1970-01-20 09:34:28	Name: C Value: 1
.yahoo.com/	1970-01-20 17:35:47	Name: A3 Value: d=AQABBErnvWMCEMYRf4cCAkh9RKUF_QXkXDgFEgEBAQE4v2PHYwAAAAAA_eMAAA&S=AQAAAudzY_B0VMmmefgV6rOGeII
.turn.com/	1970-01-20 13:09:01	Name: uid Value: 3347276083087825814
.bidswitch.net/	1970-01-20 17:35:25	Name: c Value: 1673389898
.bidswitch.net/	1970-01-20 17:35:25	Name: tuuid_lu Value: 1673389898
.bidswitch.net/	1970-01-20 17:35:25	Name: tuuid Value: d2200e03-95e9-49d0-a771-5fd2e244daff
.adnxs.com/	1970-01-20 10:59:25	Name: uuid2 Value: 971479005960476697
.adform.net/	1970-01-20 10:16:13	Name: uid Value: 682015001893829288

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.turn.com
s.ad.smaato.net
secure.adnxs.com
ssbsync.smartadserver.com
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
www.bing.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jecontacte.com
www.jecontacte.org
x.bidswitch.net
sync-tm.everesttech.net
142.251.39.66
143.204.215.89
185.86.139.93
185.89.211.132
2001:4860:4802:38::178
2001:678:cb4:bbbb::11
213.155.156.165
2600:9000:214f:2400:1b:5138:8a40:93a1
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a00:1450:400d:804::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::200a
2a00:1450:400d:80e::2003
2a02:fa8:8806:20::2010
2a05:d018:d29:3605:a34a:22f4:ffd2:b8d7
35.186.193.173
35.204.158.49
35.71.131.137
37.157.6.233
51.75.86.98
52.4.80.147
52.58.161.171
69.173.144.139
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be6c9213ea3831b72c85f777472cb38477c74aac74037d30bfdcf6556f0bf2c
0c78fb238f4765fad72daefbafc7d75d50621da4e5db2e4659588be95d49c02e
141d683de15ee9b6f8d1df493812bb8174a02257f4d4c1ff843ee8c10f79fb2b
162ce28ae01cdf2bcc85b71e7b8ad919302e24773b80f49015e4a211dc306209
16991c9a270f0ed72c8286683d77f30b8cda55b62c04c2ca47d961893635c539
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a202582a4b0a18d10d0ed5acef0857ff4c4a71f1494667a19994d847636f233
1aef984b9d4fa8c0a3de108947a79c6d0bae156971c0fc7426692baa679634e1
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2cd12751232112954182ced2584019d965967307d96b59ceb83093d2ef1e80bb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
488f3df1f027c15bea4d1a3ba8f8a7b6dcd4743bb16df4e53ba274036327f043
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a0a2e36b940dbfb52c8d21f5381509f97265c349954c68448c7454d6c5b4f9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4f4e5fc6ae7bf56e7c0dabebe1f2b1a7c7af1eeb8064119566a1540e40c0a60a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b6884a8839e12951c695efcc41e31a27abfac707e5dd6588a9032268ca96c9
5d761c591c964cfda7a471f59818fc65973c87209e743198dd6ca315fa5eba34
5ea3f6b296783c77ef3b4c93f12de354db1b811e0038703a16bce2a44a091675
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65dde8fc25855c7b45c2eaa24f725a2bed8742af9e348eda8d8b3c4e3b6f7e5b
667f1ede70b5aa19559bec6550f522ac8e02d540633c671e0c558bf894925eac
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
6aef1352c7d2a0364655b2517d7656db749802ba6e22123a65027c972a3bea5e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71adc001e72831a0b0cfbf8207a5738d538c47462a524cfabd7844e3fbe29d80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4667dba2a203d28710eb217ab0f81b8b573affebdc0b75403feac41f90f5ade
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac8299a8f56fa0cc5e561f2288e10a6e3a6403c9c8a3cd9c851e8c84a91d47c1
acc119d2de19b043673208b4781b7b2321af6347a3532ec8f5a298b14da03ce5
b05f23e0e8157e44ba5202cd2ec7a29e36b3c8a444d7b37e7b25fe53af4f3bd7
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
b3ce9d98399174a9d9ceb0776bc50e13b1ab64b2b6ff90c2ea91da964c6aa1d2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bcaa811413cfda9857978a7adc853dbc806de87fd2434f9d01130857c9875815
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
cfbc3c8fa4a363800a5d350ac3e637eb8d2db49ef3085b4259f58fa47857d19a
d230b2d57daca8d69e8997db95487293b8c195a9fb4a4beb798ac4c58415afae
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db25f05e4b01bc0a7b54e7a5ba2536ea236bf2536a0b76e1b1462b20697c7867
de69501c8963f46c35adfaf8cf4146fa051505c010f5ac639f8cae8fa0bf5683
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3e1a0aff05ef306f10b0326d813d72344f84a015aa94aa344def8f527219a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f154d77e3c08b7233e2fb2686a780a82ddc96a50a14eb92e9e405862d9b66dd0
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fd832901bb5530088cee5cab69cacbeb7e7a9f0de769c382b18e40a98caada3a

www.jecontacte.com Open in urlscan Pro 52.4.80.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

84 %HTTPS

55 %IPv6

28 Domains

34 Subdomains

21 IPs

9 Countries

1089 kBTransfer

2464 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jecontacte.com Open in urlscan Pro
52.4.80.147 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

84 %
HTTPS

55 %
IPv6

28
Domains

34
Subdomains

21
IPs

9
Countries

1089 kB
Transfer

2464 kB
Size

22
Cookies

106 HTTP transactions
7 data transactions