ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngembassy.org/
Effective URL:
https://ngembassy.info/
Submission: On October 07 via api (October 7th 2022, 12:20:03 pm UTC) from FR — Scanned from FR

Summary HTTP 176 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 26 domains to perform 176 HTTP transactions. The main IP is 103.72.77.63, located in United States and belongs to A2HOSTING, US. The main domain is ngembassy.info.
TLS certificate: Issued by R3 on August 10th 2022. Valid for: 3 months.

This is the only time ngembassy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	103.72.77.63 103.72.77.63	55293 (A2HOSTING) (A2HOSTING)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
5 5	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
15	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	185.64.190.78 185.64.190.78	() ()
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122	() ()
2 2	34.98.67.61 34.98.67.61	() ()
2	2606:4700:20:... 2606:4700:20::ac43:444e	() ()
4 8	95.131.136.1 95.131.136.1	() ()
2	192.229.220.129 192.229.220.129	() ()
176	25

27 103.72.77.63 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: m.server48.com

ngembassy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ngembassy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Lovettsville, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.252.103 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122 (None, )

ASN- ()

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (None, ) 2 redirects

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.131.136.1 (None, ) 4 redirects

ASN- ()

jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
znl.maisonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.220.129 (None, )

ASN- ()

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	496 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25287 ad4m.at — Cisco Umbrella Rank: 8491 assets.ad4m.at	871 KB
28	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	168 KB
26	ngembassy.info ngembassy.info	263 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com	114 KB
6	metaffiliation.com 4 redirects action.metaffiliation.com img.metaffiliation.com	271 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	265 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	1 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703	5 KB
5	openx.net 5 redirects rtb.openx.net — Cisco Umbrella Rank: 2302	977 B
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 112563 static-de.ad4mat.net	7 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	1 KB
3	pubmatic.com image6.pubmatic.com	248 B
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1504	1 KB
2	maisonic.com znl.maisonic.com	4 KB
2	aircaraibes.com jpp.aircaraibes.com	4 KB
2	mookie1.com 2 redirects odr.mookie1.com	1 KB
2	innovid.com ag.innovid.com	593 B
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 25800	914 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	281 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2144	346 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	75 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 39931	161 KB
1	ngembassy.org 1 redirects ngembassy.org	278 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
176	26

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	ngembassy.info	ngembassy.info
15	cm.g.doubleclick.net	googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	ngembassy.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ngembassy.info
12	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
5	rtb.openx.net	5 redirects
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	action.metaffiliation.com	4 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	googleads.g.doubleclick.net
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	znl.maisonic.com	as.ad4m.at
2	img.metaffiliation.com	as.ad4m.at
2	jpp.aircaraibes.com	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	odr.mookie1.com	2 redirects
2	ag.innovid.com	googleads.g.doubleclick.net
2	prod-rtb.ad4mat.net	ngembassy.info
2	p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ngembassy.info
1	cdn.ckeditor.com	ngembassy.info
1	ngembassy.org	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
176	35

This site contains links to these domains. Also see Links.

Domain
ngspan.com

Subject Issuer	Validity	Valid
ngembassy.info R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-08-16` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2022-08-18` - `2023-09-02`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://ngembassy.info/
Frame ID: F09AD8886A0E199C5A8C7C27BA1EADD4
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: 939530D2A9CFACE4F5DC9BD962342EFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1665145193&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145193315&bpp=7&bdt=764&idt=153&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670540956391&frm=20&pv=2&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176
Frame ID: 452DBDE768AA1C3AAD9D54D444CD91E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145193&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145193323&bpp=1&bdt=771&idt=173&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=V7VQwdKe6m&p=https%3A//ngembassy.info&dtd=178
Frame ID: 3F9728919560F9EBE6A342B12FA5A044
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30
Frame ID: 1DFC07EB16EC04F13DDF232E956410D5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35
Frame ID: ABD68A0B72F738B7886E236E9BBE8223
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39
Frame ID: 05E42484EEECA4560D6A752BFE47D2A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: E7F77A5CBCDE49388CCA0336A0C68159
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: B99B68E912C09F04FE9BF618EE9C9D12
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A015EC158C970444B6EB974D6052D0E6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Frame ID: 35FB24DB43AA48E48AE9FDC29027708F
Requests: 1 HTTP requests in this frame

Frame: https://p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: DCC87E74962765E7C838BF12F0733B05
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Frame ID: EED4981E0DD0CC9570B0ED9C6761DEC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CmswQahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTAAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDXiWSFQh0xZ42fBeZYvDJs67kFShrQ1wnYKlFb9JpdGxuL1_A9NWIAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=WgLdW-U1ro8&uach_m=[UACH]&cid=CAQSPACsnQUxWdtMnSFPQEtPBwRXy8o4GIMlKAIa2IDzJcY2_0rtdUvlphsLkaUCE64TMtst3sJ5q3uzCU2sKxgBIBM
Frame ID: BB4F3927DA48774D9BF49FBDA6DE4406
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1knzpak3ykfgt99h38nz40ndcppan466rfy4kvs16805aa8fqfddwteqr95w30wrzvyrte5z1xtraw6rx7k72syrhb4wjt8h3jy5sd8ksfcvmjjry5wxtn3c68f6s0s7as3s083ehdsk4cfd9a9y6nrp6z9wjr4regbhnr12rtdz2vmpqwwsvfz80rzwdpvthms2t76ba3004wwjst4vqfj7aca723me7zpzm0x2jr223emgmzt7m1wdh0c5vxs2qjyvk6gb6hg0kj2vcjnpzpz5k3x77k0d34qqbtdywh0d6yggbmp4ne333eew5jek754s5d0m1jqrv785k0fffqzsf9pw65n5g3bgqhn20nbsq4syavzk075mzejmpk1gv4tm2p057y8xsf67vc82ng94pb6rd2q4c55cnrkt61e6kyar6dw3nx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: CEDAA47128E3753470FFBC2207C855C1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6248211D8E9BFF12C656ECC0C9C85AB5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cs7tbahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMABT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Rv5vd2CU4ACNIUzQ4TnoioaKMbD3l6lrEkFQ56D948eoNpes6dqgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=hNClS666sUs&uach_m=[UACH]&cid=CAQSPACsnQUx73OaLk7U41uFYcLLHlM1xWiSPL6I4uQq0Iqtu_61cIBYgky6TjnF3egsso3cOxSPZfQjuTC17BgBIBM
Frame ID: 82C7AC07A86493A6E4D290FCF4045D02
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k7d4znxjw8p6c5rpp6pwypsdkr6wtf8t19p60v2ahxc9vbdxpv9mwqdy7b5bp23g8hjg0es8mzmjh7sjtsgbx8xjtpv0sarxng0my8ysenenzdbkw2j438xs5w2cnnftydqknp81vy7db0rw8q0qz84s0z7f70cyd3ndzfwq9wayfsr26yt32c033dw5pvy7w4c3fbks3jh0d93e5zkgawwg0qftnw43yz8nw1besvy2vkyrj32mhr9k33pk2kd53ay8ftrxpx5m9xshj7413t29m7xa6xdghqyemr1zt51b8442w81f0j1y6j22z8ny0tctwnmhx4z2dmzrsbkg763yq35ay8ztmpz522dzx5skjm687gmxkqcx8d8eszy1fvv322t173g8ax1ceqrmxscdes3cpgvpym6y9g65dz0p2znv0ymk9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%26client%3Dca-pub-2910357982650786%26adurl%3D
Frame ID: DE133680122C3CE8032274AB85EDEF37
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1ACAB62B9E9266074175097EF6501647
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F61F0315029474DD1C03DA80639EA49
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Frame ID: B220895E0D2E2563BEAEA2983B5CAA8C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2EFFAAC4D0D7D6505BA4BDAD55209EFB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7628DEDABAF128B4E4AD9BABBD441B33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Frame ID: 7EAB7878CD7D0D76F0966A62A5F54F60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F6C64DD30E901CA88B0E64A28AD3CFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7EDFBD766EEBA51156DC22EDA1D29A5
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: 39C833448D87C24FCD96660483410F4C
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Frame ID: D8116A055A4CD6CE7D3D0979CCC5C5EC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ngEmbassy : Integrated Information Portal

Page URL History Show full URLs

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

90 %
HTTPS

61 %
IPv6

26
Domains

35
Subdomains

25
IPs

3
Countries

2703 kB
Transfer

5987 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ngspan.com/
Title: cookie script

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs&google_hm=JeZ4aEF1ylMRez6xchrKcg==

Request Chain 115

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECosGxFE56qpH664ZvtYz38&google_cver=1&google_push=AZmPxg8C7h-fAaDj3462e3k5qDUw3YeL3tA1AoEUSsxNnkmDHLnd4Za1z5tjO0Bj4ncR5zRV71Ewlv8aIMmC82oQq2J4Ks2GRS0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGTjYtVS04OElZ&google_push=AZmPxg8C7h-fAaDj3462e3k5qDUw3YeL3tA1AoEUSsxNnkmDHLnd4Za1z5tjO0Bj4ncR5zRV71Ewlv8aIMmC82oQq2J4Ks2GRS0

Request Chain 116

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_cver=1&google_push=AZmPxg-rfvSdsyHy9K9m0Qh-ljLoF3hmMuj2iKNKxmNuJoLf6yaNv1mAloCqQaVTf6pJtsrJumImQyI63NTVcfukwPvqutVqCoQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_push=AZmPxg-rfvSdsyHy9K9m0Qh-ljLoF3hmMuj2iKNKxmNuJoLf6yaNv1mAloCqQaVTf6pJtsrJumImQyI63NTVcfukwPvqutVqCoQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg-rfvSdsyHy9K9m0Qh-ljLoF3hmMuj2iKNKxmNuJoLf6yaNv1mAloCqQaVTf6pJtsrJumImQyI63NTVcfukwPvqutVqCoQ

Request Chain 124

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECwXjgq1OFHjHeatr-cbtpM&google_push=AZmPxg_wyXScVg5wDiBqb0Fyk_oRyGkgKKILCrOdnVXnkj6Jru1FJkAMt214oukZBMKdWb_cnlPFTTfpakVEjOViNSQiuzv_RpCm&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg_wyXScVg5wDiBqb0Fyk_oRyGkgKKILCrOdnVXnkj6Jru1FJkAMt214oukZBMKdWb_cnlPFTTfpakVEjOViNSQiuzv_RpCm&google_hm=MTA4MTA0Njg2OTU0MjAzMjcwMjc

Request Chain 125

https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn&google_hm=JeZ4aEF1ylMRez6xchrKcg==

Request Chain 127

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECosGxFE56qpH664ZvtYz38&google_cver=1&google_push=AZmPxg_S54ir0lzwY7PPETxyBiGvYyPbKJRgLOUCjz2ub0HxVOz7XqDNdULL59Nn-pnhqE4ClxK27hy88kvH0SsmuljxgTbwsmV9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT0QtMTEtMzROWQ==&google_push=AZmPxg_S54ir0lzwY7PPETxyBiGvYyPbKJRgLOUCjz2ub0HxVOz7XqDNdULL59Nn-pnhqE4ClxK27hy88kvH0SsmuljxgTbwsmV9

Request Chain 128

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_cver=1&google_push=AZmPxg8vMoUnbxG50saEFF6hvnXjO-TJ0gaT3PJI7IWMj0oNl1zqnE0dhqPqjOroGrnqUnnLgw17FjMn4RJyGAnOxMEhRCMQIKQK HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_push=AZmPxg8vMoUnbxG50saEFF6hvnXjO-TJ0gaT3PJI7IWMj0oNl1zqnE0dhqPqjOroGrnqUnnLgw17FjMn4RJyGAnOxMEhRCMQIKQK&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8vMoUnbxG50saEFF6hvnXjO-TJ0gaT3PJI7IWMj0oNl1zqnE0dhqPqjOroGrnqUnnLgw17FjMn4RJyGAnOxMEhRCMQIKQK

Request Chain 135

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAICJNlYK4lTCB9PQOpvk4&google_cver=1&google_push=AZmPxg-TavpugAticW8vjk8I48FBb1gUwGecKF6EpxGP7mO4-35kwo08LC_lj1Z7NRYZsSs8fGWm_Ru2VqESTFrQqiNS-9Gp4SfC HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-TavpugAticW8vjk8I48FBb1gUwGecKF6EpxGP7mO4-35kwo08LC_lj1Z7NRYZsSs8fGWm_Ru2VqESTFrQqiNS-9Gp4SfC&google_hm=A5bvdPE2Qb-zPeEenU46dg

Request Chain 136

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECwXjgq1OFHjHeatr-cbtpM&google_push=AZmPxg9BWNsWcSVgZP1XOfisslVcwgtiJYWjl9E9toikIveLPA3H5erD3J2zNtbqe3043r1Ex3qvkw06AncBRcTlxeJKMfl5WU-S&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9BWNsWcSVgZP1XOfisslVcwgtiJYWjl9E9toikIveLPA3H5erD3J2zNtbqe3043r1Ex3qvkw06AncBRcTlxeJKMfl5WU-S&google_hm=MTA4MTc0MzUyMDAyMzIzMzQwNTE

Request Chain 137

https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg8pzWK3TG7c1lxsmZ4ySHhbTyC2R62bITiNcaWAKWtragBp3B_PUL3ySkpKpQZ04h1VDK5zA0YL0W5mK74nAKRbnI39ImJa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8pzWK3TG7c1lxsmZ4ySHhbTyC2R62bITiNcaWAKWtragBp3B_PUL3ySkpKpQZ04h1VDK5zA0YL0W5mK74nAKRbnI39ImJa&google_hm=JeZ4aEF1ylMRez6xchrKcg==

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECosGxFE56qpH664ZvtYz38&google_cver=1&google_push=AZmPxg836it0DUtDh4UK6a-ioqob9POalBiKHkcfv7lf0g1BtGN-hMErBfOR8vuYt-I_XD5_z9kN3jtJOmWJK7wFK4Q-5RrCEW1Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT1ctMVctQjhQRg==&google_push=AZmPxg836it0DUtDh4UK6a-ioqob9POalBiKHkcfv7lf0g1BtGN-hMErBfOR8vuYt-I_XD5_z9kN3jtJOmWJK7wFK4Q-5RrCEW1Z

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_cver=1&google_push=AZmPxg8YSrzjrdL_2TOiVH0odkCOjV0skzNUDJHkVoQEvJrrM6f4kkinEooZZgqCZCLfUek7UowUmbjnS2WsD3fbRlNIE6vy9zk HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8YSrzjrdL_2TOiVH0odkCOjV0skzNUDJHkVoQEvJrrM6f4kkinEooZZgqCZCLfUek7UowUmbjnS2WsD3fbRlNIE6vy9zk

Request Chain 167

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 170

https://action.metaffiliation.com/trk.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Request Chain 177

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

Request Chain 180

https://action.metaffiliation.com/trk.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

176 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ngembassy.info/
Redirect Chain

http://ngembassy.org/
https://ngembassy.info/

38 KB
8 KB

2963ms
296ms

Document
text/html

103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: ccb415e54af1fbb92f30d06069c7b0d85cc0334380adf7986d67984535261802

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7758
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Oct 2022 12:19:51 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 07 Oct 2022 12:19:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://ngembassy.info/
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK bootstrap.min.css
ngembassy.info/themes/default/assets/bootstrap/css/ 115 KB
19 KB 119ms
112ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 03:38:06 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1caa7-5c4d9d18a4380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19287

GET
H/1.1 200
OK font-awesome.css
ngembassy.info/themes/default/assets/font-awesome/css/ 32 KB
7 KB 117ms
111ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "7e3e-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6423

GET
H/1.1 200
OK select2.min.css
ngembassy.info/themes/default/assets/plugins/select2/ 15 KB
2 KB 232ms
112ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3a3d-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1920

GET
H/1.1 200
OK _all-skins.min.css
ngembassy.info/themes/default/assets/dist/css/skins/ 41 KB
4 KB 333ms
108ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/skins/_all-skins.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "a554-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3301

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.5.2/full/ 542 KB
161 KB 236ms
115ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.5.2/full/ckeditor.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 Lovettsville, United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:52 GMT
x-cf-tsc: 1665145193
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 604800.000
content-encoding: gzip
x-cf1: 28810:dB.waw1:co:1663772073:cacheN.waw1-01:D
content-length: 164316
x-xss-protection: 1; mode=block
x-cf2: M
last-modified: Tue, 04 Aug 2015 13:14:26 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 345650
accept-ranges: bytes
x-cf-rand: 34.614
expires: Mon, 10 Oct 2022 12:19:02 GMT

GET
H/1.1 200
OK hover.css
ngembassy.info/themes/default/assets/dist/css/ 102 KB
7 KB 342ms
115ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/hover.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1971f-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7203

GET
H/1.1 200
OK custom.css
ngembassy.info/themes/default/assets/dist/css/ 40 KB
7 KB 344ms
113ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/custom.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Oct 2021 22:47:08 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "9fa1-5cf99b938b300-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7222

GET
H/1.1 200
OK jQuery-2.1.4.min.js Show response
ngembassy.info/themes/default/assets/plugins/jQuery/ 82 KB
29 KB 355ms
122ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/jQuery/jQuery-2.1.4.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14979-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29532

GET
H/1.1 200
OK jquery.inputmask.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 88 KB
16 KB 346ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "161ab-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15666

GET
H/1.1 200
OK jquery.inputmask.date.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 22 KB
3 KB 441ms
108ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.date.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "591e-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2827

GET
H/1.1 200
OK jquery.inputmask.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 5 KB
2 KB 455ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14c3-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1197

GET
H/1.1 200
OK custom_css
ngembassy.info/ 24 KB
5 KB 460ms
228ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: 00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 4420
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 107ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c88e6efcd7b36b4f18725cbc7b5e71cb654bca6e3bb76fe886aead81c69cdf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Oct 2022 12:19:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 138ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d771e5f095f5a34cb3aa6d1b6fb01fe008e6bb993234f530634a1ec465eaf07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54818
x-xss-protection: 0
server: cafe
etag: 4768564063414373211
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 12:19:53 GMT

GET
H/1.1 200
OK title_logo_embassy.png
ngembassy.info/uploads/ 2 KB
2 KB 220ms
121ms Image
image/png 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/title_logo_embassy.png
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Last-Modified: Mon, 14 Dec 2020 00:42:02 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "800-5b661e9136a80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2048

GET
H/1.1 200
OK bootstrap.min.js Show response
ngembassy.info/themes/default/assets/bootstrap/js/ 35 KB
10 KB 114ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "8c6f-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9539

GET
H/1.1 200
OK select2.full.min.js Show response
ngembassy.info/themes/default/assets/plugins/select2/ 70 KB
20 KB 118ms
118ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.full.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11604-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20119

GET
H/1.1 200
OK moment.min.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 34 KB
12 KB 115ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/moment.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "87b1-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11869

GET
H/1.1 200
OK daterangepicker.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 52 KB
10 KB 114ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/daterangepicker.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "d1af-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9373

GET
H/1.1 200
OK bootstrap-timepicker.min.js Show response
ngembassy.info/themes/default/assets/plugins/timepicker/ 15 KB
4 KB 112ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/timepicker/bootstrap-timepicker.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3c5d-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3494

GET
H/1.1 200
OK icheck.min.js Show response
ngembassy.info/themes/default/assets/plugins/iCheck/ 4 KB
2 KB 116ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/iCheck/icheck.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11a4-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2161

GET
H/1.1 200
OK jquery.slimscroll.min.js Show response
ngembassy.info/themes/default/assets/plugins/slimScroll/ 6 KB
2 KB 133ms
128ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/slimScroll/jquery.slimscroll.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1856-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2062

GET
H/1.1 200
OK fastclick.min.js Show response
ngembassy.info/themes/default/assets/plugins/fastclick/ 9 KB
3 KB 129ms
129ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/fastclick/fastclick.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2248-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2831

GET
H/1.1 200
OK app.min.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 128ms
127ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/app.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2402-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2863

GET
H/1.1 200
OK imagelightbox.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 123ms
123ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/imagelightbox.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "25d4-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2488

GET
H/1.1 200
OK custom_js Show response
ngembassy.info/ 16 KB
16 KB 203ms
202ms Script
text/style 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 12:19:52 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: text/style;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cookieinfo.js Show response
ngembassy.info/scripts/ 7 KB
3 KB 114ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/scripts/cookieinfo.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 22:02:28 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1dc9-5d0daf6f12500-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2984

GET
H/1.1 200
OK fontawesome-webfont.woff2
ngembassy.info/themes/default/assets/font-awesome/fonts/ 63 KB
63 KB 204ms
112ms Font
font/woff2 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Origin: https://ngembassy.info
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:52 GMT
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "fbd0-56f6c65a4bf00"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 64464

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 86ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HX21LM9FM&gtm=2oea50&_p=1614520646&cid=1003399831.1665145193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665145193&sct=1&seg=0&dl=https%3A%2F%2Fngembassy.info%2F&dt=ngEmbassy%20%3A%20Integrated%20Information%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngembassy.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf43b583ccf3a5db6dd06b3c50eb8bd0cd144e91e32ea2a985f1c6b6a0d058f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117214
x-xss-protection: 0
server: cafe
etag: 7170043558596262225
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 12:19:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame 9395 10 KB
5 KB 86ms
26ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:38:09 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 07:38:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
281 B 35ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ngembassy.info&callback=_gfp_s_&client=ca-pub-2910357982650786

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae576fc81179b29dd976c1044f9df5946e1b0c8ccbb64b25d0773492808a0ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 97ms
36ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 103ms
43ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 452D 251 KB
63 KB 923ms
869ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1665145193&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145193315&bpp=7&bdt=764&idt=153&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670540956391&frm=20&pv=2&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a9692aaf23bc755fb9d175c94afb0e53b7de402d5ee6fb4ceedb56353fd1f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:54 GMT
expires: Fri, 07 Oct 2022 12:19:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F97 91 KB
31 KB 809ms
764ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145193&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145193323&bpp=1&bdt=771&idt=173&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=V7VQwdKe6m&p=https%3A//ngembassy.info&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

676d8ac5677bc1943beb34ded860b095fa782c33257fe00b8ed4ae425e60ae38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31834
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:54 GMT
expires: Fri, 07 Oct 2022 12:19:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css
fonts.googleapis.com/ Frame 3F97 8 KB
1 KB 118ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145193&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145193323&bpp=1&bdt=771&idt=173&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=V7VQwdKe6m&p=https%3A//ngembassy.info&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:21:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 3F97 2 KB
982 B 103ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:18:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F97 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcL12aRlAY9LYI7it1fAP0Pe-6ASw2eXqbKPn09LPEJaCzYWIFhABIMr-1ocBYPsBoAGG1NWYKMgBCagDAcgDywSqBM4BT9BA299liJvTE80sMIdkvvAoqnGXSteyU6hqthrfrNJz8Ms0Pvj9EV3kr3O0qgTXF6LvwQlWEHhKLtXTqzELbYr4Z7yGgkSH9ORRX6_9Q7Dsv7hAI7u_Kvf6WmcmYovZYQ2fVgDzvbuYwJionykksfb3KHvROQKIolgWkM0t0nqMKzTLGrud2zriaVsEO7BWsPOzSAA8t6TGotMMiZ0bgQVbkqBtzEOc0Q3GCDpjRP08-ZZnHXEvebt6S8ktsQdVQEODWYcnZ9Z9wRVCzQHABJbA9fqLBJIFBAgEGAGSBQQIBRgEoAYugAeGjKb4AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI6GAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=IDw0soSVvCU&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145193&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145193323&bpp=1&bdt=771&idt=173&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=V7VQwdKe6m&p=https%3A//ngembassy.info&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 12:19:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 3F97 23 KB
10 KB 87ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:16:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 3F97 3 KB
1 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 3F97 17 KB
7 KB 90ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F97 142 KB
45 KB 115ms
44ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H2 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame 3F97 32 KB
14 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2834004803608327151/ Frame 3F97 31 KB
32 KB 97ms
42ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2834004803608327151/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e51abfcd922817421031693ca3531f1da2ca00c5a031ab163cd377809734ef27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 16:50:34 GMT
x-content-type-options: nosniff
age: 329360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31954
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 07:20:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Oct 2023 16:50:34 GMT

GET
DATA 200
OK truncated
/ Frame 3F97 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F97 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 151 KB
54 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8512024ca6f8040b5d6e1da24c8677a3ba701365e56a593ac95fadbcb23b3c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55048
x-xss-protection: 0
server: cafe
etag: 15523711906060765770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 95ms
36ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 93ms
35ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DFC 96 KB
33 KB 460ms
459ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa2af3ac3f82fbd8674f4cf074816f6082d2ada31976b5ee3041cd3e86803e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34151
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABD6 31 KB
12 KB 444ms
443ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ef4b91984cbc361b8f74fe4a70461fb1fa48cf5f05d1c5e3ea1251f064e763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12611
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05E4 31 KB
12 KB 413ms
410ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

320e9a5e6a6bbcda50b74322b3cdfe8011568fbb0e704bdf875c17f692015b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3F97 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a300f3020bc79aa9c112333dfdc6cd975b14e57dd5fbb398237c9a9f359a36e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame E7F7 10 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 25025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 05:22:49 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 05:22:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame B99B 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 25025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 05:22:49 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 05:22:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame E7F7 4 KB
636 B 91ms
38ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 11:33:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7F7 205 B
229 B 87ms
33ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:51:52 GMT
x-content-type-options: nosniff
age: 5282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Oct 2023 10:51:52 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7F7 604 B
628 B 86ms
31ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:11:47 GMT
x-content-type-options: nosniff
age: 487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Oct 2023 12:11:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame E7F7 19 KB
8 KB 89ms
34ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:10:49 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame E7F7 12 KB
6 KB 97ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c54c120d12085b99eb408442bc7882747f3532870e578e483bc4ab99d24c56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0
server: cafe
etag: 8495272588599739002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 07:06:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B99B 4 KB
621 B 87ms
38ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 12:16:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B99B 2 KB
902 B 93ms
46ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:18:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B99B 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2dYNaRlAY_H5I-yZ1fAPytSf8Aa0qeSvZIP4yv-nDozq3KvIKRABIMr-1ocBYPsBoAHJ6JPeA8gBCakCd12IdhjGsj6oAwHIA8sEqgTZAU_Qp-hlM3RCOXQLkWLptMDmDjobPRZH5BIa7Id2yV6XehBDDPtI9c3kLmBOUTeGfcRnuhyhCrdD8eCO-TAam2XUZPOkEzg1wR4PiyoVAURfOa5tuE_ODqjkRK6eNPEaAtszJF2Od9IlT2KwySR-eWWz2npexYUfiPo31kYnW_AVDWpffeK94i_EpHOAETBsWZrIeufloyo2IMCSL0jI9SQ2pq1rnQ2qClI0dQbWCQDV9r8k5F2HzuTi2iKLagJA4ryL4nxmg3uaAtsymnhL3SFBnUsFx6S1ouvABK-e7I3iA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAefl-whqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpoQB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQC0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=Zp0qxt-pNH4&uach_m=[UACH]&template_id=484

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 12:19:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame B99B 23 KB
9 KB 73ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B99B 3 KB
1 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B99B 17 KB
7 KB 74ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B99B 142 KB
44 KB 96ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H3 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame B99B 32 KB
13 KB 62ms
28ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3F97 28 KB
28 KB 98ms
28ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 185710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:44:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A015 8 KB
895 B 42ms
40ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:28:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame A015 2 KB
902 B 31ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:18:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame A015 23 KB
9 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame A015 3 KB
1 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame A015 17 KB
7 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A015 142 KB
44 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:54 GMT

GET
H3 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame A015 32 KB
13 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame 35FB 36 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 12:43:48 GMT

GET
H2 200 redir.html Show response
p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame DCC8 247 B
961 B 155ms
35ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3c8f2dd155b69ea1a6103463d78b746ae821c5f3a1cdf73a06ff7f758ff9b8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-l3QrNy6RKRlT3wcKN-MOUw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame EED4 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 12:43:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB4F 0
0 71ms
70ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmswQahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTAAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDXiWSFQh0xZ42fBeZYvDJs67kFShrQ1wnYKlFb9JpdGxuL1_A9NWIAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=WgLdW-U1ro8&uach_m=[UACH]&cid=CAQSPACsnQUxWdtMnSFPQEtPBwRXy8o4GIMlKAIa2IDzJcY2_0rtdUvlphsLkaUCE64TMtst3sJ5q3uzCU2sKxgBIBM

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 12:19:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame BB4F 0
0 94ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hx8x121439dvkfpxawf3z49aqzx17nsfkqwqy2y7xfm245d95gtk47e1ndafkbcyp8p4r6r6gbad8j7wzcssmyn305v195q6x9f76ga169d7vxbc02566ttapmdg0q9yxs9ktc439ncpvajcbm12y8gx7d3hcypwx1sqecd19m7ss4thq47eae0mxkd6mkwycaz8fjes3rmedbrsb57643szyad7afh0hdhcjes9pahmnvkw90nam1rhaz8xqbbf93xb45m0adp7hdx6egr2q5bp8faerhk3f5wyttxza6bazeavm2rj7kfnpwere7xd899g9v92tjfh6ep7xs0vrbt51ebfgbxesysr994czxrd6gqkbgpxp4ghvb8khgyt8hrwkdfrdcy35rdh19zhwbjaqxczvsj&b=Y0AZagAJnv8IFWt4AAUXD9AQ6SbH8m0o6FB7cA
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame CEDA 2 KB
2 KB 108ms
55ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1knzpak3ykfgt99h38nz40ndcppan466rfy4kvs16805aa8fqfddwteqr95w30wrzvyrte5z1xtraw6rx7k72syrhb4wjt8h3jy5sd8ksfcvmjjry5wxtn3c68f6s0s7as3s083ehdsk4cfd9a9y6nrp6z9wjr4regbhnr12rtdz2vmpqwwsvfz80rzwdpvthms2t76ba3004wwjst4vqfj7aca723me7zpzm0x2jr223emgmzt7m1wdh0c5vxs2qjyvk6gb6hg0kj2vcjnpzpz5k3x77k0d34qqbtdywh0d6yggbmp4ne333eew5jek754s5d0m1jqrv785k0fffqzsf9pw65n5g3bgqhn20nbsq4syavzk075mzejmpk1gv4tm2p057y8xsf67vc82ng94pb6rd2q4c55cnrkt61e6kyar6dw3nx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

404bef8d52ef62ea4960699c4daafd9b3dc4b6314ba3f13672cf3d9dd5a3ff6c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7566967d685799c0-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame BB4F 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6248 1 KB
749 B 29ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 55966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Fri, 07 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame BB4F 17 KB
7 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BB4F 0
0 97ms
34ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJdbQtntI-Kpt3yShkaahKtuBYctHHFSu5oFCCrhJOWwJH-6grrv3NljBcdtJwe4iHL_s4WLPlyOwTtT9BYuk7XJ5VCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB4F 142 KB
44 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1DFC 8 KB
895 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:22:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 12:19:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1DFC 2 KB
902 B 28ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:18:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 1DFC 23 KB
9 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1DFC 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1DFC 17 KB
7 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1DFC 0
0 88ms
33ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTF5AIbQm2W_W1H-EGWEdK73WWee4Ni8o5ZBpiHY00Jgpnmwm3wq-XW6ibAytkri6qEmY6TmDZA8xaNjyrvUmugv_CgrA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DFC 142 KB
44 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:55 GMT

GET
H3 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame 1DFC 32 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 82C7 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs7tbahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMABT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Rv5vd2CU4ACNIUzQ4TnoioaKMbD3l6lrEkFQ56D948eoNpes6dqgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=hNClS666sUs&uach_m=[UACH]&cid=CAQSPACsnQUx73OaLk7U41uFYcLLHlM1xWiSPL6I4uQq0Iqtu_61cIBYgky6TjnF3egsso3cOxSPZfQjuTC17BgBIBM

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 12:19:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 82C7 0
0 70ms
26ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kkmd0c24366s4pay1yb71v9adqsvqp8d9z44yy0fbez85z40efb4ecxttqvzwcjn8w48c7a9zb8y7p3yw9sbhw9s4js63petqg5th0s5qj2qwy3q12mhv9j3xzdegazvn0jgxb5qc179ne465nxq3zed2hcsyjsfystpxqe0bncvgcvte2ytvenkxjq28m6t7h2d6dxntgyhhnen4kgc6zyacw0bk2rh1n86r764b5r3dcwfmjgccyq3x98vka7ygr0y49rr9apwvbpjhyjbzv712xswkm1gk7h4chjsafx14qv73chxtgwb3dmqbd79f8xvtk4a81843c19q20cd3j6w54adc1y0a2b97bpd6j5jk8a6q256fwxrkkcwdze788a3vc6r7ccw3brrfe2a26kmx12nbz&b=Y0AZagAJo3kKcaCVAAmi7NslBsUAR-adH2DUQQ
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame DE13 2 KB
2 KB 88ms
64ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k7d4znxjw8p6c5rpp6pwypsdkr6wtf8t19p60v2ahxc9vbdxpv9mwqdy7b5bp23g8hjg0es8mzmjh7sjtsgbx8xjtpv0sarxng0my8ysenenzdbkw2j438xs5w2cnnftydqknp81vy7db0rw8q0qz84s0z7f70cyd3ndzfwq9wayfsr26yt32c033dw5pvy7w4c3fbks3jh0d93e5zkgawwg0qftnw43yz8nw1besvy2vkyrj32mhr9k33pk2kd53ay8ftrxpx5m9xshj7413t29m7xa6xdghqyemr1zt51b8442w81f0j1y6j22z8ny0tctwnmhx4z2dmzrsbkg763yq35ay8ztmpz522dzx5skjm687gmxkqcx8d8eszy1fvv322t173g8ax1ceqrmxscdes3cpgvpym6y9g65dz0p2znv0ymk9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%26client%3Dca-pub-2910357982650786%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c451bd4d55ef9db992b00ca8dceffb0cc6c5931a9656ff4336280130afef56d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7566967dffb599bd-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 82C7 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1ACA 1 KB
749 B 31ms
29ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 55966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Fri, 07 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 82C7 17 KB
7 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 12:19:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 82C7 0
0 96ms
34ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT77ayccFg2X0CqaF1TGFffmhmaH7cIndcnC56r1wjoAvJtNiGljY7k_e1PgGigU2muCUZJ6wPGliDte3xf1URiQnuCWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82C7 142 KB
44 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1DFC 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLZ4-ahlAY-HzJfbN1fAPuc6lyAnW-NHmbLKN3Ij1D5aCzYWIFhABIMr-1ocBYPsBoAH0xJCfAsgBCagDAcgDywSqBNUBT9BWqYpcArEGTPjsy9_ws8WR5pcpftpg3mxM67r2Ztu4ZEYxiffbe9UUA2zTZkeznDkXQEqVI1Fh_WUcMof2aYZn_c2JMPWyGlUegR9kGfDtxyKdqw3fDo0sZVdlgvCvGOCGfShZG2i5j0Oe_p1Y-O3rOTAIgiiJNpjthCE6sijPzB4VDUma1wX-vYvWyh-EbnvK8hlK3Tzn_1WGleU7i9x5Y9l8fl1fwQ6Jh7jnYqXf7WzIeNjnkpIzjxvuxEUzK4dNCl2eculVOz7UM7ndVlLnGWt_wASSl5bzjgSSBQQIBBgBkgUECAUYBKAGLoAHxKby4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDfPtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=PaISBn6Ghco&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 12:19:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame CEDA 85 KB
11 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1knzpak3ykfgt99h38nz40ndcppan466rfy4kvs16805aa8fqfddwteqr95w30wrzvyrte5z1xtraw6rx7k72syrhb4wjt8h3jy5sd8ksfcvmjjry5wxtn3c68f6s0s7as3s083ehdsk4cfd9a9y6nrp6z9wjr4regbhnr12rtdz2vmpqwwsvfz80rzwdpvthms2t76ba3004wwjst4vqfj7aca723me7zpzm0x2jr223emgmzt7m1wdh0c5vxs2qjyvk6gb6hg0kj2vcjnpzpz5k3x77k0d34qqbtdywh0d6yggbmp4ne333eew5jek754s5d0m1jqrv785k0fffqzsf9pw65n5g3bgqhn20nbsq4syavzk075mzejmpk1gv4tm2p057y8xsf67vc82ng94pb6rd2q4c55cnrkt61e6kyar6dw3nx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%26client%3Dca-pub-2910357982650786%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1knzpak3ykfgt99h38nz40ndcppan466rfy4kvs16805aa8fqfddwteqr95w30wrzvyrte5z1xtraw6rx7k72syrhb4wjt8h3jy5sd8ksfcvmjjry5wxtn3c68f6s0s7as3s083ehdsk4cfd9a9y6nrp6z9wjr4regbhnr12rtdz2vmpqwwsvfz80rzwdpvthms2t76ba3004wwjst4vqfj7aca723me7zpzm0x2jr223emgmzt7m1wdh0c5vxs2qjyvk6gb6hg0kj2vcjnpzpz5k3x77k0d34qqbtdywh0d6yggbmp4ne333eew5jek754s5d0m1jqrv785k0fffqzsf9pw65n5g3bgqhn20nbsq4syavzk075mzejmpk1gv4tm2p057y8xsf67vc82ng94pb6rd2q4c55cnrkt61e6kyar6dw3nx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 943358
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7566967e0fc799bd-CDG
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame CEDA 36 KB
12 KB 69ms
50ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1knzpak3ykfgt99h38nz40ndcppan466rfy4kvs16805aa8fqfddwteqr95w30wrzvyrte5z1xtraw6rx7k72syrhb4wjt8h3jy5sd8ksfcvmjjry5wxtn3c68f6s0s7as3s083ehdsk4cfd9a9y6nrp6z9wjr4regbhnr12rtdz2vmpqwwsvfz80rzwdpvthms2t76ba3004wwjst4vqfj7aca723me7zpzm0x2jr223emgmzt7m1wdh0c5vxs2qjyvk6gb6hg0kj2vcjnpzpz5k3x77k0d34qqbtdywh0d6yggbmp4ne333eew5jek754s5d0m1jqrv785k0fffqzsf9pw65n5g3bgqhn20nbsq4syavzk075mzejmpk1gv4tm2p057y8xsf67vc82ng94pb6rd2q4c55cnrkt61e6kyar6dw3nx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScgiosQAsQS%2F4FGIqPabBauR4ywy1msu%2FzyiibtcZw%2FfSE2X8YhKuuJaTr233wbycR2IluoDomW3Xss79jLYXtIMWUb1cJHnO4FxL7U9bdX3sTk1bp19dJ41VXYtgcuO7krAEBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7566967e198a99c0-CDG
expires: Tue, 27 Sep 2022 10:40:02 GMT

GET
H3 200 iframe.html Show response
p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame DCC8 4 KB
2 KB 89ms
35ms Document
text/html 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

8ad9da44e7a063387796753764b97e56eb1ea4eca8c68d7622e6904cd7e44bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1862
content-security-policy-report-only: script-src 'nonce-8V3dCfrw566BTHLqg4zaIg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6542220379990594968/ Frame 1DFC 32 KB
32 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6542220379990594968/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96d840e7810bab2448317fe2ba8d37fd68477372f914ed61ccdf7d390cb88071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 04:17:12 GMT
x-content-type-options: nosniff
age: 288163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32441
x-xss-protection: 0
last-modified: Thu, 12 May 2022 09:45:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Oct 2023 04:17:12 GMT

GET
DATA 200
OK truncated
/ Frame 1DFC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1DFC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6248 35 B
464 B 90ms
27ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAICJNlYK4lTCB9PQOpvk4&google_cver=1&google_push=AZmPxg86zlabWILkNknZiVJ4z2iNXBiHJrq9dzgjEZIjCtfOn8axxMdNBXIa44AEu9Q20c7mefifVAk6DdVCXJj60tdK3ds58A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6248
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs
https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs&google_hm=JeZ4aEF1ylMRez6xchrKcg==

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs&google_hm=JeZ4aEF1ylMRez6xchrKcg==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg-SxtLKVbWFUn-tNEPMBAOPlQVHzUQXscFQhUhL2tL4jGYqZBy_fzRqa6PhBMgLs6i_CimXCCIsMhWxEDBwTF_hjLQFiRs&google_hm=JeZ4aEF1ylMRez6xchrKcg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: u0der6qoesnbnujn1hl2vk5m8qkno18o

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6248 0
166 B 245ms
18ms Image
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHR3jASVG2ptQNfyfF-pu6s&google_cver=1&google_push=AZmPxg-55sZ00grU_3nt_N43l3ZnX6CDMT51mHn2qiNVLhDOag3SjqmJN3sLN4Gd-Aj8zOIjV71WXzv8V09vm1SyAOn07_XT-Zk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 07 Oct 2022 12:19:54 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6248
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECosGxFE56qpH664ZvtYz38&google_cver=1&google_push=AZmPxg8C7h-fAaDj3462e3k5qDUw3YeL3tA1AoEUSsxNnkmDHLnd4Za1z5tjO0Bj4ncR5zRV71E...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGTjYtVS04OElZ&google_push=AZmPxg8C7h-fAaDj3462e3k5qDUw3YeL3tA1AoEUSsxNnkmDHLnd4Za1z5tjO0Bj4ncR5zRV71Ewlv8aIMmC82oQq2J4Ks2GRS0

170 B
188 B

95ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGTjYtVS04OElZ&google_push=AZmPxg8C7h-fAaDj3462e3k5qDUw3YeL3tA1AoEUSsxNnkmDHLnd4Za1z5tjO0Bj4ncR5zRV71Ewlv8aIMmC82oQq2J4Ks2GRS0

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGTjYtVS04OElZ&google_push=AZmPxg8C7h-fAaDj3462e3k5qDUw3YeL3tA1AoEUSsxNnkmDHLnd4Za1z5tjO0Bj4ncR5zRV71Ewlv8aIMmC82oQq2J4Ks2GRS0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6248
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg-rfvSdsyHy9K9m0Qh-ljLoF3hmMuj2i...

170 B
188 B

72ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg-rfvSdsyHy9K9m0Qh-ljLoF3hmMuj2iKNKxmNuJoLf6yaNv1mAloCqQaVTf6pJtsrJumImQyI63NTVcfukwPvqutVqCoQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 12:19:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg-rfvSdsyHy9K9m0Qh-ljLoF3hmMuj2iKNKxmNuJoLf6yaNv1mAloCqQaVTf6pJtsrJumImQyI63NTVcfukwPvqutVqCoQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 6248 43 B
297 B 304ms
24ms Image
image/gif 2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHO2h8TZkRAGX-9vIsyYn7E&google_cver=1&google_push=AZmPxg8M4r99Xb5Tqz3lWs5ZsuFsHX3uVfo1I4KnYz0gUZdtjJtyL1vZ8fSBHOTzObuWX1V5gr9U_z4pNk-v_DDoZcfT_LuPEYY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=3175363789&pi=t.aa~a.2431322315~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=1&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ESR63laR5k&p=https%3A//ngembassy.info&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 6248 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6248 0
223 B 114ms
34ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IA0_S_V4H-Wk4Y5eKoncvZL62NAQuC5CMNf1rpYqYaoT1t-ZiehWeWNJpOQmUzyganadWFpw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame BB4F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cdede4076db6736b2214b4dc591fc6dc92ba06230d7c98200dcf8653510e248

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 82C7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c266c60c011c4790eabde1a884c25d6c4e4ee7c9ab96fa9dedc737d3d4fe734c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6F61 1 KB
749 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 55966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Fri, 07 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1ACA 35 B
464 B 31ms
28ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAICJNlYK4lTCB9PQOpvk4&google_cver=1&google_push=AZmPxg8qGIUu2Rvk9rz8-hWnrdNfLpr-235ygF0OI90GRW2TQ5E-wez_PwgsAlopRXpRvnVYUouMwO4iNwoiNutLW5UoEflxLrZe

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECwXjgq1OFHjHeatr-cbtpM&google_push=AZmPxg_wyXScVg5wDiBqb0Fyk_oRyGkgKKILCrOdnVXnkj6Jru1FJkAMt214oukZBMKdWb_cnlPFTTfpakVEjOViNSQiuzv...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg_wyXScVg5wDiBqb0Fyk_oRyGkgKKILCrOdnVXnkj6Jru1FJkAMt214oukZBMKdWb_cnlPFTTfpakVEjOViNSQiuzv_RpCm&google_hm=MTA4MTA0Njg2OTU0Mj...

170 B
188 B

65ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg_wyXScVg5wDiBqb0Fyk_oRyGkgKKILCrOdnVXnkj6Jru1FJkAMt214oukZBMKdWb_cnlPFTTfpakVEjOViNSQiuzv_RpCm&google_hm=MTA4MTA0Njg2OTU0MjAzMjcwMjc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg_wyXScVg5wDiBqb0Fyk_oRyGkgKKILCrOdnVXnkj6Jru1FJkAMt214oukZBMKdWb_cnlPFTTfpakVEjOViNSQiuzv_RpCm&google_hm=MTA4MTA0Njg2OTU0MjAzMjcwMjc
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn
https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn&google_hm=JeZ4aEF1ylMRez6xchrKcg==

170 B
188 B

43ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn&google_hm=JeZ4aEF1ylMRez6xchrKcg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg9SjEuLHqRmaYhCWPVUE04zMp3zRpFZnrlQD7VBCbm0eZhfulohTmPD_GYA7eIxNB6uGQm01NfZMhnCtvfKDmZJVYUZtWjn&google_hm=JeZ4aEF1ylMRez6xchrKcg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: ork0c7ekcnrlhov04ktjtm4lq0ocf7lv

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1ACA 0
41 B 162ms
19ms Image
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHR3jASVG2ptQNfyfF-pu6s&google_cver=1&google_push=AZmPxg9TBEN-V33zqjpwYwhgGUJxxExIe_1eMkGuUu1r7JEFoArNmFC4kG1zXdgqQMyyBjquYT9z8upGIbFOLYoMYnZuA87D21_b
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 07 Oct 2022 12:19:52 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECosGxFE56qpH664ZvtYz38&google_cver=1&google_push=AZmPxg_S54ir0lzwY7PPETxyBiGvYyPbKJRgLOUCjz2ub0HxVOz7XqDNdULL59Nn-pnhqE4ClxK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT0QtMTEtMzROWQ==&google_push=AZmPxg_S54ir0lzwY7PPETxyBiGvYyPbKJRgLOUCjz2ub0HxVOz7XqDNdULL59Nn-pnhqE4ClxK27hy88kvH0SsmuljxgTbwsmV9

170 B
188 B

64ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT0QtMTEtMzROWQ==&google_push=AZmPxg_S54ir0lzwY7PPETxyBiGvYyPbKJRgLOUCjz2ub0HxVOz7XqDNdULL59Nn-pnhqE4ClxK27hy88kvH0SsmuljxgTbwsmV9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT0QtMTEtMzROWQ==&google_push=AZmPxg_S54ir0lzwY7PPETxyBiGvYyPbKJRgLOUCjz2ub0HxVOz7XqDNdULL59Nn-pnhqE4ClxK27hy88kvH0SsmuljxgTbwsmV9
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8vMoUnbxG50saEFF6hvnXjO-TJ0gaT3...

170 B
188 B

69ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8vMoUnbxG50saEFF6hvnXjO-TJ0gaT3PJI7IWMj0oNl1zqnE0dhqPqjOroGrnqUnnLgw17FjMn4RJyGAnOxMEhRCMQIKQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 12:19:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8vMoUnbxG50saEFF6hvnXjO-TJ0gaT3PJI7IWMj0oNl1zqnE0dhqPqjOroGrnqUnnLgw17FjMn4RJyGAnOxMEhRCMQIKQK
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 1ACA 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1ACA 0
40 B 36ms
34ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lwmk-_0rEN52pLn5xph-yDBXg0GcXavepMAGTpAKRVbgMfl4KXMmTsKeGphLxpK755EPmKTg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1996&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1VVkDbvSVd&p=https%3A//ngembassy.info&dtd=35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame DE13 85 KB
11 KB 56ms
52ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k7d4znxjw8p6c5rpp6pwypsdkr6wtf8t19p60v2ahxc9vbdxpv9mwqdy7b5bp23g8hjg0es8mzmjh7sjtsgbx8xjtpv0sarxng0my8ysenenzdbkw2j438xs5w2cnnftydqknp81vy7db0rw8q0qz84s0z7f70cyd3ndzfwq9wayfsr26yt32c033dw5pvy7w4c3fbks3jh0d93e5zkgawwg0qftnw43yz8nw1besvy2vkyrj32mhr9k33pk2kd53ay8ftrxpx5m9xshj7413t29m7xa6xdghqyemr1zt51b8442w81f0j1y6j22z8ny0tctwnmhx4z2dmzrsbkg763yq35ay8ztmpz522dzx5skjm687gmxkqcx8d8eszy1fvv322t173g8ax1ceqrmxscdes3cpgvpym6y9g65dz0p2znv0ymk9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%26client%3Dca-pub-2910357982650786%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k7d4znxjw8p6c5rpp6pwypsdkr6wtf8t19p60v2ahxc9vbdxpv9mwqdy7b5bp23g8hjg0es8mzmjh7sjtsgbx8xjtpv0sarxng0my8ysenenzdbkw2j438xs5w2cnnftydqknp81vy7db0rw8q0qz84s0z7f70cyd3ndzfwq9wayfsr26yt32c033dw5pvy7w4c3fbks3jh0d93e5zkgawwg0qftnw43yz8nw1besvy2vkyrj32mhr9k33pk2kd53ay8ftrxpx5m9xshj7413t29m7xa6xdghqyemr1zt51b8442w81f0j1y6j22z8ny0tctwnmhx4z2dmzrsbkg763yq35ay8ztmpz522dzx5skjm687gmxkqcx8d8eszy1fvv322t173g8ax1ceqrmxscdes3cpgvpym6y9g65dz0p2znv0ymk9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%26client%3Dca-pub-2910357982650786%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 943358
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7566967ea93499bd-CDG
expires: 0

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame DE13 36 KB
13 KB 36ms
33ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k7d4znxjw8p6c5rpp6pwypsdkr6wtf8t19p60v2ahxc9vbdxpv9mwqdy7b5bp23g8hjg0es8mzmjh7sjtsgbx8xjtpv0sarxng0my8ysenenzdbkw2j438xs5w2cnnftydqknp81vy7db0rw8q0qz84s0z7f70cyd3ndzfwq9wayfsr26yt32c033dw5pvy7w4c3fbks3jh0d93e5zkgawwg0qftnw43yz8nw1besvy2vkyrj32mhr9k33pk2kd53ay8ftrxpx5m9xshj7413t29m7xa6xdghqyemr1zt51b8442w81f0j1y6j22z8ny0tctwnmhx4z2dmzrsbkg763yq35ay8ztmpz522dzx5skjm687gmxkqcx8d8eszy1fvv322t173g8ax1ceqrmxscdes3cpgvpym6y9g65dz0p2znv0ymk9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%26client%3Dca-pub-2910357982650786%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIkZpXOX9DypqsqjVQEup6ApW0rWQjQurkX50Hq6gWigSjjMbRENeixDzbvf4nUA3p4rRIjagg6oHcVEfBmXsK32%2FbcxV2PKW3bMYo5Yv2C8LpGxt%2FYJyWVjjEFt4QxobYSHHkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7566967ea93699bd-CDG
expires: Tue, 27 Sep 2022 10:40:02 GMT

GET
DATA 200
OK truncated
/ Frame 1DFC 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39e62107066529698f1e0568b3d8af26487d7f0966e4323eea6e5f3ea0ca28a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1DFC 28 KB
28 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 185711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:44:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F61
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAICJNlYK4lTCB9PQOpvk4&google_cver=1&google_push=AZmPxg-TavpugAticW8vjk8I48FBb1gUwGecKF6EpxGP7mO4-35kwo08LC...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-TavpugAticW8vjk8I48FBb1gUwGecKF6EpxGP7mO4-35kwo08LC_lj1Z7NRYZsSs8fGWm_Ru2VqESTFrQqiNS-9Gp4SfC&google_hm=A5bvdPE2Qb-z...

170 B
188 B

43ms
37ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-TavpugAticW8vjk8I48FBb1gUwGecKF6EpxGP7mO4-35kwo08LC_lj1Z7NRYZsSs8fGWm_Ru2VqESTFrQqiNS-9Gp4SfC&google_hm=A5bvdPE2Qb-zPeEenU46dg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-TavpugAticW8vjk8I48FBb1gUwGecKF6EpxGP7mO4-35kwo08LC_lj1Z7NRYZsSs8fGWm_Ru2VqESTFrQqiNS-9Gp4SfC&google_hm=A5bvdPE2Qb-zPeEenU46dg
pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F61
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECwXjgq1OFHjHeatr-cbtpM&google_push=AZmPxg9BWNsWcSVgZP1XOfisslVcwgtiJYWjl9E9toikIveLPA3H5erD3J2zNtbqe3043r1Ex3qvkw06AncBRcTlxeJKMfl...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9BWNsWcSVgZP1XOfisslVcwgtiJYWjl9E9toikIveLPA3H5erD3J2zNtbqe3043r1Ex3qvkw06AncBRcTlxeJKMfl5WU-S&google_hm=MTA4MTc0MzUyMDAyMz...

170 B
188 B

41ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9BWNsWcSVgZP1XOfisslVcwgtiJYWjl9E9toikIveLPA3H5erD3J2zNtbqe3043r1Ex3qvkw06AncBRcTlxeJKMfl5WU-S&google_hm=MTA4MTc0MzUyMDAyMzIzMzQwNTE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AZmPxg9BWNsWcSVgZP1XOfisslVcwgtiJYWjl9E9toikIveLPA3H5erD3J2zNtbqe3043r1Ex3qvkw06AncBRcTlxeJKMfl5WU-S&google_hm=MTA4MTc0MzUyMDAyMzIzMzQwNTE
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F61
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEB7nI-Y-izd10pHh3oxhjFI&google_cver=1&google_push=AZmPxg8pzWK3TG7c1lxsmZ4ySHhbTyC2R62bITiNcaWAKWtragBp3B_PUL3ySkpKpQZ04h1VDK5zA0YL0W5mK74nAKRbnI39ImJa
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8pzWK3TG7c1lxsmZ4ySHhbTyC2R62bITiNcaWAKWtragBp3B_PUL3ySkpKpQZ04h1VDK5zA0YL0W5mK74nAKRbnI39ImJa&google_hm=JeZ4aEF1ylMRez6xchrKcg==

170 B
188 B

38ms
37ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8pzWK3TG7c1lxsmZ4ySHhbTyC2R62bITiNcaWAKWtragBp3B_PUL3ySkpKpQZ04h1VDK5zA0YL0W5mK74nAKRbnI39ImJa&google_hm=JeZ4aEF1ylMRez6xchrKcg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8pzWK3TG7c1lxsmZ4ySHhbTyC2R62bITiNcaWAKWtragBp3B_PUL3ySkpKpQZ04h1VDK5zA0YL0W5mK74nAKRbnI39ImJa&google_hm=JeZ4aEF1ylMRez6xchrKcg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: oi60t5kh85ecgmdt4esnrnu3p8i37d1v

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6F61 0
41 B 83ms
19ms Image
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHR3jASVG2ptQNfyfF-pu6s&google_cver=1&google_push=AZmPxg8TJQ4CPcXwpNjvNglL9uXOiwHWcln7490Utjk8bULWiPv5IICWoNVCZLU0N8eS_YHXeDlkY0xP2Va3LnnDfayBCwmkJ6q5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 07 Oct 2022 12:19:55 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F61
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECosGxFE56qpH664ZvtYz38&google_cver=1&google_push=AZmPxg836it0DUtDh4UK6a-ioqob9POalBiKHkcfv7lf0g1BtGN-hMErBfOR8vuYt-I_XD5_z9k...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT1ctMVctQjhQRg==&google_push=AZmPxg836it0DUtDh4UK6a-ioqob9POalBiKHkcfv7lf0g1BtGN-hMErBfOR8vuYt-I_XD5_z9kN3jtJOmWJK7wFK4Q-5RrCEW1Z

170 B
188 B

48ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT1ctMVctQjhQRg==&google_push=AZmPxg836it0DUtDh4UK6a-ioqob9POalBiKHkcfv7lf0g1BtGN-hMErBfOR8vuYt-I_XD5_z9kN3jtJOmWJK7wFK4Q-5RrCEW1Z

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZR0dGT1ctMVctQjhQRg==&google_push=AZmPxg836it0DUtDh4UK6a-ioqob9POalBiKHkcfv7lf0g1BtGN-hMErBfOR8vuYt-I_XD5_z9kN3jtJOmWJK7wFK4Q-5RrCEW1Z
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F61
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8YSrzjrdL_2TOiVH0odkCOjV0skzNUD...

170 B
188 B

52ms
42ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8YSrzjrdL_2TOiVH0odkCOjV0skzNUDJHkVoQEvJrrM6f4kkinEooZZgqCZCLfUek7UowUmbjnS2WsD3fbRlNIE6vy9zk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 12:19:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXEojo57W5atOTZRsUT2EE&google_hm=Y0AZa7P61PUbZj7EIQwHYQAADS8AAAIB&google_nid=index&google_push=AZmPxg8YSrzjrdL_2TOiVH0odkCOjV0skzNUDJHkVoQEvJrrM6f4kkinEooZZgqCZCLfUek7UowUmbjnS2WsD3fbRlNIE6vy9zk
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 6F61 43 B
296 B 145ms
26ms Image
image/gif 2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHO2h8TZkRAGX-9vIsyYn7E&google_cver=1&google_push=AZmPxg8utgPUZviceqUFgkvC0It7LBh5h2GikbY0iHu9Y2wl9yGLJn-52M9rc33ovdoYkCAoM_zab0Amx8Y-XwDKoES-UnCMpkEF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F61 0
12 B 71ms
36ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGUq5ZNcJeBhwePJE5Qf2N5lbfQF4YuYWK2wQRSwbOf2Hxq3wn1J2v1EtIPqIEnbkT0oM0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CEDA 3 KB
4 KB 89ms
35ms Image
image/png 2606:4700:20::ac43:444e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533
x-guploader-uploadid: ADPycduKQNVDY0CSOYWWI89vgO5oPEyInaT9LxSJr_kKlz8fnDNOqSCOqPyzFTyyqbQAN96VmVGSJI7gybz1kQBZZAATgUe6fRWC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9rBxon70JOh%2BCaI%2FFUyFxg7mWvqq3FR5tkhWJdiP23Nl%2BfgOU6nkY7t%2FmHL%2BIoej0Ep%2Bs4zHb8IGGQKlGNUo3oAe2ejvVXOSzjCh9%2F6SESGWOsXH9xYpvef7YTx8PwkfIF5EOTPL3PYtr%2FgfntPjhnI"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7566967f69c2d65e-CDG
expires: Fri, 07 Oct 2022 12:35:06 GMT

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame B220 36 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 12:43:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2EFF 2 KB
1 KB 33ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1008845
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7566967f19f699bd-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swhVElCBTq7OFal6vYVr6N0zs0g%2BlgX3xaCwCicHxYCxy0HyZPQpxpW%2B2QxDbbRsprMDWY6NiPcojgQeHIufeZBTc2T7ufp7wiJqYyNbisMNpbelbh97Cjkb7z1Cu0gdcFB%2BrZw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DE13 3 KB
3 KB 66ms
36ms Image
image/png 2606:4700:20::ac43:444e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533
x-guploader-uploadid: ADPycduKQNVDY0CSOYWWI89vgO5oPEyInaT9LxSJr_kKlz8fnDNOqSCOqPyzFTyyqbQAN96VmVGSJI7gybz1kQBZZAATgUe6fRWC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE%2BoCqf3KW5WU7GoL%2F8966DabslwVFtDCRos9DNjt9DeuWu92gw7aWJgXd4Ej7lVCNbT7w7NfS2M8LHDuxwr3sm30mvFVsaadpdYu628ZTl3U3QYVT24Oaff00ZJwsD1PMa%2B0XdCBKBgOmptPXtiRx%2B1"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7566967f69c8d65e-CDG
expires: Fri, 07 Oct 2022 12:35:06 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7628 2 KB
1 KB 38ms
38ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1008845
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7566967f4a2999bd-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQ4oFwkoFsCUcLo3nEl7tuixFHedwAUihGbwu16SlQ4Kdi38Szv2E3aKXeKcTVkPT1wXk%2FznOdZiJT8aq5%2FeUCko0HrwpcmHrDc3FPrxTX75AQRwsTRUsEnIHeICeytaDpbSqv0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EAB 36 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.165272966~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665145194&rafmt=1&to=qs&pwprc=3018914672&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665145194547&bpp=1&bdt=1995&idt=-M&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf8d22e2bcc7239a-22b5d88f3bce00c7%3AT%3D1665145193%3ART%3D1665145193%3AS%3DALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5670540956391&frm=20&pv=1&ga_vid=1003399831.1665145193&ga_sid=1665145193&ga_hid=1614520646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070197%2C42531705%2C44772927%2C44774293%2C44773747%2C21066431&oid=2&pvsid=1849526201508205&tmod=1317603386&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cYVRzm0b1R&p=https%3A//ngembassy.info&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 12:43:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 97ms
43ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

513acc725f87aa98d93f3d63030b058a65d1dffdb7605ef9aac93ba6ca9636bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11170
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame CEDA 1 KB
2 KB 52ms
51ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec903ad10129730201a3de8cba338623b956e2bff906485a994fa0ba346d14d

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaCvA6c%2BIDHkqJqaeA0FYokd3qyzCimYJtvje9y2rRWfFk3qW5XknemdK%2BIQsZ3F2exVc62Ew9xUKTujGCRNnsXDKyUBrMaHIyF4oMMuaEFhQaU4cCLiMhIMzHBsZ93WYhD1Z3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 756696809e84f13c-CDG
x-backend-server: aa-reachservice-group-europe-west1-46ds
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 91ms
68ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 756696802d83f13c-CDG
content-length: 24
content-type: text/plain
date: Fri, 07 Oct 2022 12:19:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkHZuY7T4eQQwGE79Enbagd8WejGJ2V1n8VcTbAdgsYo%2FfeK4Pwt7KQAwoNi5K7k318DYULOdh6EuZl4%2BITTjQ%2F7xmAbED6ZaXCvNX8f9kqq9PvMqRgpihE98jRwf8h%2Bv4TjyZ4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-46ds

POST
H3 200 rs Show response
ad4m.at/ Frame DE13 1 KB
2 KB 64ms
64ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ebc9d9259b251e069f638e279a7b4e8410e232ef78c4d4e5f36f1f5d8af7701

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOUjPNUxtW6rV5mbhYVL9NVOzeiyIy%2FORuXHGCOOhIIa23LFgieTnTRr6IrzJtRFE5NPTpqXIQP484aQmh37KdDq8y78aZojBdVo%2BcQYQ97Ig9raA%2BDszBqJQFrm5bCGARskT0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 756696808e6cf13c-CDG
x-backend-server: aa-reachservice-group-europe-west1-46ds
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 78ms
56ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 756696802d81f13c-CDG
content-length: 24
content-type: text/plain
date: Fri, 07 Oct 2022 12:19:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg2w%2BB4dVTV5lY7%2BhHVcXhoBKnrYojmv%2FM4L2ncysySOkmzreq7hdsIHaHL672vVAEPbzmEnc3FSf1Ei36scSm1L25S2qSl0K7h%2FbvT9adF2IwSsYSf%2BxvcW6F7vR0tl9nG7s1o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-46ds

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 12:19:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F6C 13 KB
5 KB 28ms
26ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 2200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 11:43:15 GMT
expires: Sat, 07 Oct 2023 11:43:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B7ED 783 B
535 B 38ms
36ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84d09806b865ede7c3b2a1475d94777d743ecf07aecaf037aae996158da623ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kjhSZ1IQSVcbjjt8AlPoGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kjhSZ1IQSVcbjjt8AlPoGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: Fri, 07 Oct 2022 12:19:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 39C8 9 KB
4 KB 59ms
59ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

148e944f65a435d1c39cd3f81be59f65f7543994596d9a0945d5197bc58d588e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1knzpak3ykfgt99h38nz40ndcppan466rfy4kvs16805aa8fqfddwteqr95w30wrzvyrte5z1xtraw6rx7k72syrhb4wjt8h3jy5sd8ksfcvmjjry5wxtn3c68f6s0s7as3s083ehdsk4cfd9a9y6nrp6z9wjr4regbhnr12rtdz2vmpqwwsvfz80rzwdpvthms2t76ba3004wwjst4vqfj7aca723me7zpzm0x2jr223emgmzt7m1wdh0c5vxs2qjyvk6gb6hg0kj2vcjnpzpz5k3x77k0d34qqbtdywh0d6yggbmp4ne333eew5jek754s5d0m1jqrv785k0fffqzsf9pw65n5g3bgqhn20nbsq4syavzk075mzejmpk1gv4tm2p057y8xsf67vc82ng94pb6rd2q4c55cnrkt61e6kyar6dw3nx8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75669680ed9c99bd-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D811 9 KB
4 KB 65ms
65ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d979025bd2f0e1346c2f0fb1e626babe5708ecc4e3fc3aa74de567556964879

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k7d4znxjw8p6c5rpp6pwypsdkr6wtf8t19p60v2ahxc9vbdxpv9mwqdy7b5bp23g8hjg0es8mzmjh7sjtsgbx8xjtpv0sarxng0my8ysenenzdbkw2j438xs5w2cnnftydqknp81vy7db0rw8q0qz84s0z7f70cyd3ndzfwq9wayfsr26yt32c033dw5pvy7w4c3fbks3jh0d93e5zkgawwg0qftnw43yz8nw1besvy2vkyrj32mhr9k33pk2kd53ay8ftrxpx5m9xshj7413t29m7xa6xdghqyemr1zt51b8442w81f0j1y6j22z8ny0tctwnmhx4z2dmzrsbkg763yq35ay8ztmpz522dzx5skjm687gmxkqcx8d8eszy1fvv322t173g8ax1ceqrmxscdes3cpgvpym6y9g65dz0p2znv0ymk9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%26client%3Dca-pub-2910357982650786%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75669680ed9f99bd-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:19:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F6C 36 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 12:43:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B7ED 0
0 59ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=1849526201508205&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 39C8 85 KB
11 KB 46ms
44ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 943358
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 756696815e6f99bd-CDG
expires: 0

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame 39C8 3 KB
4 KB 63ms
52ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1179666
cf-polished: origFmt=png, origSize=14458
content-disposition: inline; filename="B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e075oHEjZRCxiHIM28tWCXSY%2FqTtRUXGwp1Wl%2FQlOhcP9NK9TorGht3xBx%2BCWgW5lk0SZnGaQOGKUVOI3AmFGLFt0Iojh1BjeB5f8k2YlOofMfvxkQREOwRXY2GP2ZArSU9NwZY9m%2BiNtjnP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ec399c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 39C8 66 KB
67 KB 60ms
51ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2490403
cf-polished: origFmt=png, origSize=142926
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67486
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaDWb75WK%2Frv6Ujmjj5P%2BQ8FpzDH8YcTmOkIBX%2FpkRuLrctpIlFMsHHl%2B3Z5rkuQs52M19Yhj%2FaiKBCCOYDeizqikJl3Kp%2BbB%2FYZ93wLgbnsv2e%2FkkPzCdO7YYbNi81fQzVmz15vySGCFVUI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ec599c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame 39C8 43 B
2 KB 121ms
34ms Image
image/gif 95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0065879821777344
Connection: close
X-TRK-PROC: 70235
Pragma: no-cache
X-TRK-SRV: 9
Server: nginx
Last-Modified: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 39C8 14 KB
15 KB 43ms
35ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1178456
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHk4YEP9V44OaP9IsZt1MGRaHyfFx5Ep5k1U0dkfXmfmVQZFvGskPIljgAaHWz4MPAT%2BOprZ79MDgbr6ynLSBoTiIPEJOnTkDHF1EBpcZNE85TgP8q89KSsK4%2FN1S%2FjyXIV7R8FXWvyqQJu%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ec199c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 39C8 274 KB
275 KB 60ms
52ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30625
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=385m0%2BZojfXG35qCRLEgONRVD%2F2DfBzI9lM2v706rXFTxbrWzPVEdygTUSqzi1S8vVFHH1ElU4QOEQIaPvQdhEutyAqg3q8ltIc50Xe5gYdzdPWLJvIJa64OH6IHUkSnY0HA2wepVT7VkB1k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ec799c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 39C8
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

114ms
22ms

Image
image/gif

192.229.220.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 2119
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 135736

Redirect headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0065898895263672
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 9
Server: nginx
Last-Modified: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 C05DA675A1053D87C82A9C5B23CE0847F6679ABC6C662CDD770C8F4EBF056225680852532FD1B0D0C815F266845DC6D9FE96E59CB304164FF41B71D6EDEB1E6F
assets.ad4m.at/logo/ Frame 39C8 7 KB
7 KB 40ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C05DA675A1053D87C82A9C5B23CE0847F6679ABC6C662CDD770C8F4EBF056225680852532FD1B0D0C815F266845DC6D9FE96E59CB304164FF41B71D6EDEB1E6F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21418edaca3d6ad9862b5ce6fd1777a375d097a32e9f03c5f76838e39ce9b616

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1179739
cf-polished: qual=85, origFmt=jpeg, origSize=12201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:32:54 GMT
server: cloudflare
etag: "403ed96087cc1e0908796be6993d17d3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNygouijL2ZxV746tnL3eEWu69ViF10jNYeWGToFiafwmyiybQ05hF%2B2u56e11sYrn201MS5JCdSvH%2FmR%2FooF11sKihaM401FCA0f0UIHTewtNiZNX7dZd8thOcgl7gKvNFcH2zTnrsWRIBs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816eca99c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2 200 1574F89E3C559817A08A3A92A7A382FE4E9F40E7EE39AC37401491CF37127C36896C06CDF9E2F533A26433B624D54ED209692673563EC8925360D280112F5895
assets.ad4m.at/product_image/ Frame 39C8 25 KB
25 KB 41ms
34ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1574F89E3C559817A08A3A92A7A382FE4E9F40E7EE39AC37401491CF37127C36896C06CDF9E2F533A26433B624D54ED209692673563EC8925360D280112F5895
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24a44b1153c1b23235fe05d2285970fcd799323e3863ebe4802dd106e7c0040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38080
cf-polished: qual=85, origFmt=jpeg, origSize=82240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25296
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 08:37:29 GMT
server: cloudflare
etag: "187f0b3762be28d4b3d05d2564820e05"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eQbba6NOum3XwjkWl3CQWHBhWcER6lLSNtMTfBgZVl5NcaWTfLBJLG%2FfQANY3EHNeCX13%2FVSWUAKaQMF8dkke55UPdJYG%2FrFY3SDKIam%2FpZ3fcr68cNDzNBs9avGa8aFLsTTFO2zlgabipO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ec999c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H/1.1

200
OK

trkr.php
znl.maisonic.com/ Frame 39C8
Redirect Chain

https://action.metaffiliation.com/trk.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

43 B
2 KB

134ms
35ms

Image
image/gif

95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=1bb0433e98c34ba2c7fb7b836912ec7f%2F4085418523293858411&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195630&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy5gbg9rv5dpw2a594rkxa57nh3158tdapdz2nhx9x0pk65hm8e8zvzgzs39vvhaykxjptxekr2r7bmha56fq6rdqj5bnkgty5kyvrnbbxzb4h3mfm2y7g9cbk1xr7br23j9f6d7jx73s3y6ft4knmb35v6zgbfhcnrw7ncve6wz6f68qqvqgksxbgqb0q82ben38vw9phy1vq98shv7afhemnqe6wj7n77jfzemytnce68283j6tq61xxq047bw2t073qe780x2w1tnqp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5i5wahlAY_-9JvjW1fAPj66UkAXi0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTI5MTAzNTc5ODI2NTA3ODbIAQmpAmbn-6N7cLA-qAMBqgTDAU_QmgURNWz8zK75tmFc-BZ6zl3yGhpWYITNL4cmCTlw137oD-G8ddHDEQwXv2l94hNtCSJhoZACZAwQlRsy7gYO-zRG8SSVkRLPcGlOAo9HY3ZKyg6W9AcMrybsU638-GkLeCx-9Bs47LsUnyyT55lTxlr2k7c007H36Giuu6mzw875wxkNublz9LyaRGK_eJeT3mOd3WlDHDWgWwDCULXeo69GZV6ObFizqlpYK74b2v_ULTY-pX5X6vogIJANkIRY8YAG-MyI0celsc8joAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rcMFY6kkDE0xeNUZWZZsHbPO0wA%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.010968923568726
Connection: close
X-TRK-PROC: 62961
Pragma: no-cache
X-TRK-SRV: 9
Server: nginx
Last-Modified: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-SRV: 9
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
X-TRK-KWK-FP-ERR: action.metaffiliation.com - znl.maisonic.com
Access-Control-Allow-Credentials: true
Connection: close
X-TRK-PROC: 62961
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame D811 85 KB
11 KB 57ms
56ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 943358
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 756696816e9a99bd-CDG
expires: 0

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame D811 3 KB
4 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1179666
cf-polished: origFmt=png, origSize=14458
content-disposition: inline; filename="B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxQHyOOBQXxkdLvF%2FxioYBjOIt%2BvIK1mrB05ooiucNsaCWtFj5B3kDB7I4DPyNLv8fN%2BPmOfPX8b1TehtzL68WJ8i4ykAOGwTCZpqnw%2FfmAspdQ%2FhwO3pN1cmNlI768yLvlUp7DeZzwesYq2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ecd99c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame D811 66 KB
66 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2490403
cf-polished: origFmt=png, origSize=142926
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67486
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MsmJ41bPRXoTuylSDTnSS3zABwcpBNj2VcKlxlhZnvGRa%2BqPKaDvnTOXmjvt0JP819HZtZxQUEa8l2vc%2B6oCq7PlKdBA0Gz3tvf0T7%2Fh812kqKm4ihFT0QoWFG2zdQY0OM%2FqdeGUTu6s9r%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ecf99c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame D811 43 B
2 KB 110ms
33ms Image
image/gif 95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0068488121032715
Connection: close
X-TRK-PROC: 70235
Pragma: no-cache
X-TRK-SRV: 9
Server: nginx
Last-Modified: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame D811 14 KB
15 KB 30ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1178456
cf-polished: qual=85, origFmt=jpeg, origSize=19949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W1D%2FGybP8LOxYhZEDWAsyCJeWleDBLSfu0MYfrmfMxF2ljKa1swjpohiJQ5r8rizTnEtWvKJaFwR9E%2FrX88GQOfvZ6VFK4%2F9eIweC4DQK7gJVc5dcEN3dzYs3nYQ9vHqAXnxF0OnTKgbuO%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ed099c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame D811 274 KB
275 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30625
cf-polished: origFmt=png, origSize=547949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxWNFFarr3%2F6V8Jcm85Rp6LA2oV8fKP8vr%2BF3xnWMo8Wwg71XGNp%2Fsd4bRPJhvhPWbHWTs9cvOGD1KrOEVvK1IenCGOAZ%2F3BJEK9KN%2Bahw%2B07Q8OlfceyBIJBU6RrobqjAzH3zbPJQmkiJGX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696816ed299c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame D811
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

151ms
60ms

Image
image/gif

192.229.220.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 2119
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 135736

Redirect headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0064270496368408
Connection: close
X-TRK-PROC: 58179
Pragma: no-cache
X-TRK-SRV: 9
Server: nginx
Last-Modified: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 C05DA675A1053D87C82A9C5B23CE0847F6679ABC6C662CDD770C8F4EBF056225680852532FD1B0D0C815F266845DC6D9FE96E59CB304164FF41B71D6EDEB1E6F
assets.ad4m.at/logo/ Frame D811 7 KB
7 KB 66ms
65ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C05DA675A1053D87C82A9C5B23CE0847F6679ABC6C662CDD770C8F4EBF056225680852532FD1B0D0C815F266845DC6D9FE96E59CB304164FF41B71D6EDEB1E6F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21418edaca3d6ad9862b5ce6fd1777a375d097a32e9f03c5f76838e39ce9b616

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1179739
cf-polished: qual=85, origFmt=jpeg, origSize=12201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6750
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Jan 2020 09:32:54 GMT
server: cloudflare
etag: "403ed96087cc1e0908796be6993d17d3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5u7FwrKQ8R3JEwbf2xkqxOGGHdb3t3hf%2BWLqq9aUxROmuGWE3UqbkKNk4%2F1uPqCNH5N7BJ%2FgFZXofRjuP7zAo3OmFsbH2CoI8SpZOuhzf2Hq6pF0GI5xrHzBzZERA0tcT1es6LolF6rjtfe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696818ef799c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H2 200 1574F89E3C559817A08A3A92A7A382FE4E9F40E7EE39AC37401491CF37127C36896C06CDF9E2F533A26433B624D54ED209692673563EC8925360D280112F5895
assets.ad4m.at/product_image/ Frame D811 25 KB
25 KB 67ms
66ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1574F89E3C559817A08A3A92A7A382FE4E9F40E7EE39AC37401491CF37127C36896C06CDF9E2F533A26433B624D54ED209692673563EC8925360D280112F5895
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24a44b1153c1b23235fe05d2285970fcd799323e3863ebe4802dd106e7c0040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38080
cf-polished: qual=85, origFmt=jpeg, origSize=82240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25296
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 08:37:29 GMT
server: cloudflare
etag: "187f0b3762be28d4b3d05d2564820e05"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnK6xU%2FOmx0CHhiPK4eCsGCaeDwW%2Bdoa%2FZqnTdzmFi%2BFGXmMIQx4%2FTYrmTChuKijfEqvpQPvgWtakd3AJ7mM2QIezKEftB6pzn9ZB1cm2T0M15ImpTRPMB%2B7btpDmgGzRYG60LhNIb45hINt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756696818efb99c0-CDG
expires: Sat, 08 Oct 2022 12:19:55 GMT

GET
H/1.1

200
OK

trkr.php
znl.maisonic.com/ Frame D811
Redirect Chain

https://action.metaffiliation.com/trk.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

43 B
2 KB

132ms
33ms

Image
image/gif

95.131.136.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15788&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsR&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CzxqhRf8whEMWspHBHMtJCWxmuJTwTgBBHW&c=728&d=90&e=&g=a4b3a994a2de548f6c98fb25ab304237%2F17340549779760397290&i=30425%2C2951%2C3262&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1665145195625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyg4khcshdqsqw5wd1j2290epbc52h8c6chxaz04zbt205vmefcpyapr7992mxgv86e44a051gt72sjwzt1hczbqftpeszkmkw66psjtf5x3b9f1zjrarxeq8ty4r3k4mnv6edhs8c9ar4j7qgnxdswz2hkzep8s7xxgx0ja19ncyjvt76af0rbhkhp9z77ycxpq652vg7aw3419m341e8crmgn5xtywb1havegxvv6ttg9y5qd9pksbrm8974gst53t8gw1x6f8spafrwg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCj08aahlAY_nGJpXBxgPsxaagC-LSsvZhx7GOio4IwI23ARABIABg-wGCARdjYS1wdWItMjkxMDM1Nzk4MjY1MDc4NsgBCakCI2nvvItysD6oAwGqBMMBT9D2Zs7rHxUBEVQKNA8WEuq4C0cwRsk-OMx3j9pMORpKmNNeWN0oCbg_cbe0UxLGzYufqhZ85lvy0WmIl1Lz1C7Jr7rv2HU_rjgX5IsX5dzEN_0t42jlBNE9B2L7F-IrMIinKhuRd7D-p6Nj8Ue7Lvx0AHNYXk2bm3lhhFUhRSB-r8SBwYTQ0SzxE6XIZ_OsehRAroTwpGev1Vn7nE9VqgdC_AIviyWHYaNeM8xu1HC9JZe8I10AHp4yuA-CLOeiIAqtgAb4zIjRx6WxzyOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Uf_peIZe2JwzYWGjH9_eLAnEgBw%2526client%253Dca-pub-2910357982650786%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 95.131.136.1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0089960098266602
Connection: close
X-TRK-PROC: 62961
Pragma: no-cache
X-TRK-SRV: 9
Server: nginx
Last-Modified: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 07 Oct 2022 12:19:55 GMT
X-TRK-SRV: 9
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://znl.maisonic.com/trkr.php?taff=P4F5F156C8631715&argsite=oneidkZru5fJeS4Ypt4HwHetBtzEgakTjTprrsRoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
X-TRK-KWK-FP-ERR: action.metaffiliation.com - znl.maisonic.com
Access-Control-Allow-Credentials: true
Connection: close
X-TRK-PROC: 62961
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F6C 0
10 B 28ms
28ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?by_7Qg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:19:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F97 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7dT57kA1AQ-xDznyJmCxduaKui7RdEXC-3N0_53hiyUf6kxHbcE8g5Sjuqlb63-PQxWeBZGojkRPazgIPzv1c3PTTZfmnhYgP07ytj6CIzUwO1RV7pJmu8LDsQhOdNl5boqV62Q&sai=AMfl-YTKaG1QY8rt5dF9AHj7OXc7VpNMljbZqEpnJgwvGPNgb3Bn0BweMtE2-Nfc7A5AFMG4YMEEIZ-na3UXRUI&sig=Cg0ArKJSzHNqILUWtfJqEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665145193503&rpt=1416&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 12:19:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=1849526201508205&bg=!i4iliMzNAAYQgTJdMIE7ACkAdvg8Wt3Zxo_Jd0C82KzIgDq9YWPeib5SLOQXamgDrAqugMBSav_eNgIAAABqUgAAAAJoAQcKALNSYT5cvYHbrVzGhBoUtAF5YHhf771U1ILz1J2yau61HEfHk3XplC4zj9NMjeq2eDREfyy6tEUIG5CWCWXsf5R2puICYs80wtfpdbsV-acM17_ly3drwJlpS6VGguqVkyjU0F-0LnjOk_Zd0g50AKG0stcZwKICpZTc3mQ78S-RYVVBqLzzPGy6ZEwv3rWOEYh5xo7NIF-XejI3yBGI_gsuYsDxcdhwceBBvj3-5qgvO_Y0EpkC5dhxOQG6EYX4TbkOFrbF-Id_IGQeIzKCg4FXdwwPYoVKwJpzPqcBsr3XgUw3xZeK7AbZMCJf0W_sJ1U7qamC6L3O1PKLZywjSEYBZ1P8iALmlxFJqaqVnhPbBUahMazJyRXEEDvIvGm43lk2Eex8i_IaJ2ZwYptKQfVYSmBQZ_awGb2wW8kPynV9AJcStiFccYkulEyJsJRQheQ6FZoSkdH4Y6CVtkSO3R2FLCZVjofIB8vpZ0_dW47aupOqxpPr50Kdn7_nxnmdpLaYwoCq_idKUoCpBEcpbIYOruwz4duX0AzDbiv3hVH6Mf-YBsiPyngBIN_Gc_OeijBKysnyuS_zMB_WXkmR9GQ2bgcgbwElYDU83kYft3kD2hJf4gLitwTKtMxNFZepJN277DEg06_XUfWhMmTvXxW-QT0uSVJ3HFyYJgb6YAuhE1up0vhZhE1IuFxP92sPNTcqVz3n4TrsvBjJB-szRa8no_oNBSNUsYQnAl4RfKsGM0webtUow8LxSBH0Jl545TO2FuQF8rS6fjePDveRz34DYcPZmZlLo_vUHE6u_yWjzzsKkejJn0_II-SYQdHy12695GZ_O8t9-Y916-UIhfRrsFISmzsHil6EPMCttkS1STuY4NVJ46NPGpT9ItuZcgQCoY0n8DQ30wBk86vMmTYMudJFzcSIySRhMjqXkNAG27GsMk6vN5YVtbbJzXaz1UNcnFc1oo5Eu1b2xGj3QHiivezCuXVw0Fu-XOzguMSiu0fuv4cTHbNPzWaGCJ3N2mYwbj4mYsJib0gRuv8yDkzJRFFY1-8T-TuhRh41I6JXiYcc7A-dsLVve6DulEyPUzY-AXiqcZoS3s9_TehezdmaIP-25PwyTk2aegqRklxnycim1Lb8AmkVgl85bKYfNQ_RVfF1DcmGS1EgHugqRJdkT3j_mqazzOtWcbbsfpb79-4b70boa0MvTNjMck6M6qgG4wxGZ46ywFJA-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGY4nbKlDlCDfrb0jzIV5D4&google_cver=1&google_push=AZmPxg8LGp_0izGXY8wWsvzI25pNO_LVLN5DEGk4rNxED9lxkCbQA-gSnsG5g4H_OxNagK99B3HJKHjQXuC-w-aRKS3KfEaeIuAO

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGY4nbKlDlCDfrb0jzIV5D4&google_cver=1&google_push=AZmPxg_0r3cGmK4Ec6X17bfqASQrLNkrEFp4vcp_F8KKs1BSkPu5LK-SMPU5Dhqbp8tPFyuYKu0PTtBLPdMPjHrxYWn89-v5twJW

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ngembassy.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 992d9ae31f05df2d862a60dadc855f90
.ngembassy.info/	1970-01-20 16:08:25	Name: _ga_6HX21LM9FM Value: GS1.1.1665145193.1.0.1665145193.0.0.0
.ngembassy.info/	1970-01-20 16:08:25	Name: _ga Value: GA1.1.1003399831.1665145193
.ngembassy.info/	1970-01-20 15:54:01	Name: __gads Value: ID=cf8d22e2bcc7239a-22b5d88f3bce00c7:T=1665145193:RT=1665145193:S=ALNI_MatjqPRGaaAe6OQ4JeSJZyOBBmueg
.doubleclick.net/	1970-01-20 15:54:01	Name: IDE Value: AHWqTUlwXbcSXCH3CjvM-OBYcp5sxqRhcYuylx6uph8OU0ziFGHvtpe4BVW69FWAjuE
.doubleclick.net/	1970-01-20 06:32:26	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 08:42:01	Name: d Value: EBwBCQGjJ4EA
.casalemedia.com/	1970-01-20 08:42:01	Name: CMPS Value: 3375
.casalemedia.com/	1970-01-20 08:42:01	Name: CMPRO Value: 3375
.quantserve.com/	1970-01-20 16:02:39	Name: mc Value: 6340196b-494af-5df69-f0ffc
.casalemedia.com/	1970-01-20 15:18:01	Name: CMID Value: Y0AZa7P61PUbZj7EIQwHYQAA
.openx.net/	1970-01-20 15:18:01	Name: i Value: 291ccd0d-4174-4c8a-add9-baeec524c335\|1665145195
.casalemedia.com/	1970-01-20 08:42:01	Name: CMTS Value: 5281
.mookie1.com/	1970-01-20 16:01:13	Name: id Value: 10817435200232334051
.mookie1.com/	1970-01-20 16:01:13	Name: mdata Value: 1\|10817435200232334051\|1665145195380
.mookie1.com/	1970-01-20 16:01:13	Name: ov Value: 6ce28c22f6976c0c4df84887e560388a
.innovid.com/	1970-01-20 08:42:01	Name: uuid Value: 2db71d48-8860-4ff8-97aa-0b1a09520889-20221007 08:19:55
.metaffiliation.com/	1970-01-20 07:58:49	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1970-01-20 07:58:49	Name: neta_ssc Value: 7fb7f3xk8sf58bk4knw1yw1ghowp
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 7fb7f3xk8sf58bk4knw1yw1ghowp
.aircaraibes.com/	1970-01-20 07:58:49	Name: kwknc_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1970-01-20 07:58:49	Name: neta_ssc Value: dadaf3xk8sf5pawe8ekyagx7jt9d
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: dadaf3xk8sf5pawe8ekyagx7jt9d
.maisonic.com/	1970-01-20 07:58:49	Name: kwknc_ssc Value: dp4f5f156c8631715-b25laWRrWnJ1NWZKZVM0WXB0NEh3SGV0QnR6RWdha1RqVHBycnNSb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.maisonic.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4f5f156c8631715-b25laWRrWnJ1NWZKZVM0WXB0NEh3SGV0QnR6RWdha1RqVHBycnNSb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.maisonic.com/	1970-01-20 07:58:49	Name: neta_ssc Value: fa46f3xk8sf8q60qmgjkenqouh36
.maisonic.com/	1969-12-31 23:59:59	Name: netases_ssc Value: fa46f3xk8sf8q60qmgjkenqouh36

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGY4nbKlDlCDfrb0jzIV5D4&google_cver=1&google_push=AZmPxg8LGp_0izGXY8wWsvzI25pNO_LVLN5DEGk4rNxED9lxkCbQA-gSnsG5g4H_OxNagK99B3HJKHjQXuC-w-aRKS3KfEaeIuAO Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGY4nbKlDlCDfrb0jzIV5D4&google_cver=1&google_push=AZmPxg_0r3cGmK4Ec6X17bfqASQrLNkrEFp4vcp_F8KKs1BSkPu5LK-SMPU5Dhqbp8tPFyuYKu0PTtBLPdMPjHrxYWn89-v5twJW Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2910357982650786&fa=1&ifi=7&uci=a!7&btvi=4&xpc=hRiVz9Yfj8&p=https%3A//ngembassy.info Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
ad4m.at
adservice.google.com
adservice.google.fr
ag.innovid.com
as.ad4m.at
assets.ad4m.at
cdn.ckeditor.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
img.metaffiliation.com
jpp.aircaraibes.com
ngembassy.info
ngembassy.org
odr.mookie1.com
p4-dhvjyqqly5gu6-dlyvhicvklsampg6-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
znl.maisonic.com
googlecm.hit.gemius.pl
103.72.77.63
142.250.184.194
142.250.186.99
185.64.190.78
185.80.39.216
192.229.220.129
2001:4860:4802:32::36
205.234.175.175
2600:1901:0:76b9::
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a05:d01c:1d8:8101:4c06:9c07:4ce5:8122
34.98.67.61
35.227.252.103
69.173.144.139
95.131.136.1
00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
148e944f65a435d1c39cd3f81be59f65f7543994596d9a0945d5197bc58d588e
14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc
1aa2af3ac3f82fbd8674f4cf074816f6082d2ada31976b5ee3041cd3e86803e7
21418edaca3d6ad9862b5ce6fd1777a375d097a32e9f03c5f76838e39ce9b616
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
2d771e5f095f5a34cb3aa6d1b6fb01fe008e6bb993234f530634a1ec465eaf07
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
320e9a5e6a6bbcda50b74322b3cdfe8011568fbb0e704bdf875c17f692015b8c
32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
39e62107066529698f1e0568b3d8af26487d7f0966e4323eea6e5f3ea0ca28a5
3a9692aaf23bc755fb9d175c94afb0e53b7de402d5ee6fb4ceedb56353fd1f58
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c8f2dd155b69ea1a6103463d78b746ae821c5f3a1cdf73a06ff7f758ff9b8ed
3d979025bd2f0e1346c2f0fb1e626babe5708ecc4e3fc3aa74de567556964879
3ebc9d9259b251e069f638e279a7b4e8410e232ef78c4d4e5f36f1f5d8af7701
404bef8d52ef62ea4960699c4daafd9b3dc4b6314ba3f13672cf3d9dd5a3ff6c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
513acc725f87aa98d93f3d63030b058a65d1dffdb7605ef9aac93ba6ca9636bb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925
6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
676d8ac5677bc1943beb34ded860b095fa782c33257fe00b8ed4ae425e60ae38
685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9
6c54c120d12085b99eb408442bc7882747f3532870e578e483bc4ab99d24c56c
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
84d09806b865ede7c3b2a1475d94777d743ecf07aecaf037aae996158da623ac
8512024ca6f8040b5d6e1da24c8677a3ba701365e56a593ac95fadbcb23b3c75
889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad
89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad9da44e7a063387796753764b97e56eb1ea4eca8c68d7622e6904cd7e44bff
8c451bd4d55ef9db992b00ca8dceffb0cc6c5931a9656ff4336280130afef56d
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
96d840e7810bab2448317fe2ba8d37fd68477372f914ed61ccdf7d390cb88071
9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c88e6efcd7b36b4f18725cbc7b5e71cb654bca6e3bb76fe886aead81c69cdf7
9cdede4076db6736b2214b4dc591fc6dc92ba06230d7c98200dcf8653510e248
9cf43b583ccf3a5db6dd06b3c50eb8bd0cd144e91e32ea2a985f1c6b6a0d058f
9ec903ad10129730201a3de8cba338623b956e2bff906485a994fa0ba346d14d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99
a300f3020bc79aa9c112333dfdc6cd975b14e57dd5fbb398237c9a9f359a36e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e
a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a
a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae576fc81179b29dd976c1044f9df5946e1b0c8ccbb64b25d0773492808a0ae1
b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56
c266c60c011c4790eabde1a884c25d6c4e4ee7c9ab96fa9dedc737d3d4fe734c
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5
ccb415e54af1fbb92f30d06069c7b0d85cc0334380adf7986d67984535261802
d24a44b1153c1b23235fe05d2285970fcd799323e3863ebe4802dd106e7c0040
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52
e1ef4b91984cbc361b8f74fe4a70461fb1fa48cf5f05d1c5e3ea1251f064e763
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51abfcd922817421031693ca3531f1da2ca00c5a031ab163cd377809734ef27
e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

ngembassy.info Open in urlscan Pro 103.72.77.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

90 %HTTPS

61 %IPv6

26 Domains

35 Subdomains

25 IPs

3 Countries

2703 kBTransfer

5987 kBSize

29 Cookies

1 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

90 %
HTTPS

61 %
IPv6

26
Domains

35
Subdomains

25
IPs

3
Countries

2703 kB
Transfer

5987 kB
Size

29
Cookies

176 HTTP transactions
9 data transactions