gif-transparent.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gif-transparent.fr.gd/
Effective URL:
https://gif-transparent.fr.gd/
Submission: On February 14 via api (February 14th 2024, 9:45:37 pm UTC) from US — Scanned from US

Summary HTTP 100 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 100 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to . The main domain is gif-transparent.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time gif-transparent.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	193.238.27.28 193.238.27.28	() ()
2	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
14	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
19	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
3	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:cc74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	20.119.175.244 20.119.175.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	87.118.71.104 87.118.71.104	31103 (KEYWEB-AS) (KEYWEB-AS)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c02::78	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:45::7	15169 (GOOGLE) (GOOGLE)
2	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2511:6c00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
100	25

2 193.238.27.28 (Germany) 1 redirects

ASN- ()
PTR: fr.gd

gif-transparent.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.223.113 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 178.162.223.114 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:cc74 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80f::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.119.175.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssl.microsofttranslator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.71.104 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: s4007.hqgmbh.eu

www.mr-shop.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Bayreuth, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c02::78 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:45::7 (United States)

ASN15169 (GOOGLE, US)

r2---sn-q4flrnez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:6c00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	465 KB
21	webme.com theme.webme.com — Cisco Umbrella Rank: 877437 img.webme.com — Cisco Umbrella Rank: 448778	2 MB
18	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	106 KB
11	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	49 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	139 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r2---sn-q4flrnez.c.2mdn.net — Cisco Umbrella Rank: 172097	4 MB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 141068	2 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 605	17 KB
2	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 56042	644 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	89 KB
2	fr.gd 1 redirects gif-transparent.fr.gd	10 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 906	612 B
1	fwdtrk.com fwdtrk.com — Cisco Umbrella Rank: 962361 fwd.fwdtrk.com Failed	2 KB
1	mr-shop.de www.mr-shop.de	33 KB
1	microsofttranslator.com ssl.microsofttranslator.com — Cisco Umbrella Rank: 82996	35 KB
1	asrv205.com asrv205.com	1 KB
0	redokan.com Failed redokan.com Failed
100	18

	Domain	Requested by
19	img.webme.com	gif-transparent.fr.gd
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net gif-transparent.fr.gd
14	pagead2.googlesyndication.com	gif-transparent.fr.gd pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
6	csi.gstatic.com	imasdk.googleapis.com
3	dsum-sec.casalemedia.com	2 redirects gif-transparent.fr.gd
3	imasdk.googleapis.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	visifeed.org	fwdtrk.com visifeed.org
3	ssl.google-analytics.com	gif-transparent.fr.gd
2	ade.googlesyndication.com	gif-transparent.fr.gd
2	r2---sn-q4flrnez.c.2mdn.net	gif-transparent.fr.gd
2	fonts.gstatic.com	fonts.googleapis.com
2	t.adcell.com	1 redirects asrv205.com
2	connect.facebook.net	gif-transparent.fr.gd connect.facebook.net
2	theme.webme.com	gif-transparent.fr.gd
2	gif-transparent.fr.gd	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	d.agkn.com	gif-transparent.fr.gd
1	googleads4.g.doubleclick.net	gif-transparent.fr.gd
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fwdtrk.com	asrv205.com
1	www.mr-shop.de	asrv205.com
1	ssl.microsofttranslator.com	gif-transparent.fr.gd
1	asrv205.com	gif-transparent.fr.gd
0	redokan.com Failed	visifeed.org
0	fwd.fwdtrk.com Failed	fwdtrk.com
100	29

This site contains links to these domains. Also see Links.

Domain
www.gif-transparent.fr.gd
gisoft.ca
3dscreensavers.xyz
www.photos.gisoft.ca
www.free-png.gisoft.ca
www.free-textures.gisoft.ca
www.art-visuel.fr.gd
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
misc.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-24` - `2024-02-22`	3 months	crt.sh
img.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.microsofttranslator.com Microsoft Azure TLS Issuing CA 06	`2023-07-23` - `2024-06-27`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
fwdtrk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://gif-transparent.fr.gd/
Frame ID: 9801DC99A65C5996E2358C7A8E961DF1
Requests: 34 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 7680019C4ACB429795D3C96363769EAA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html
Frame ID: 06D89F616F2BEB5B1DB93BD052B56B81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6278991490888262&output=html&adk=1812271804&adf=3025194257&lmt=1707947129&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129241&bpp=5&bdt=990&idt=237&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1207082999616&frm=20&pv=2&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=257
Frame ID: 3AB65894B4689648F0D1FC5EC34B8065
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=772879325&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129246&bpp=2&bdt=995&idt=259&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1207082999616&frm=20&pv=2&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=265
Frame ID: 1C24E0D1B739D571D700332E77D5B028
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=626710196&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129248&bpp=1&bdt=996&idt=271&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=275
Frame ID: 663BBC8D6625A26FADDAEF0A7BEA8AE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=482049734&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129249&bpp=1&bdt=998&idt=289&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=295
Frame ID: 9C7204BE30C70FAE5DE63A15831DF444
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=1176748307&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129249&bpp=1&bdt=998&idt=303&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=308
Frame ID: F06E9D24736C72348E368BF8742BC72E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=396006072&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129250&bpp=1&bdt=999&idt=317&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=321
Frame ID: 7688ECD6882D2462D121AD21289DF7ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=836460798&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129250&bpp=1&bdt=999&idt=331&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=334
Frame ID: BF1E7D5ADD529E3D68824A6FCE80CC1B
Requests: 1 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=364266&slotId=105746&pv=1
Frame ID: CF15812F8204A58E19B6D50B9863F9B0
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNzk0NzEyOX0%3D
Frame ID: 9964561143A25C1EA147FE676D35D161
Requests: 2 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=bbcf19b515333a1f0611d9bc7dc47cc1995902427600a3867b6c3cd4d2a1fd55&ci=yCax6Lo8&its=9F%5Bt%2ALq5d8bB%7DQD%3BykPWbUW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 6118B65AC542275CD8BF3785BDCD168A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2FD0CAAF39D81721EC6CE9D229BBE051
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4AB6FA712E1098FF994CF7D2F7D92B6D
Requests: 33 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 67F77B7A72B3D6F21C89AD13A354D71B
Requests: 7 HTTP requests in this frame

Frame: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=bbcf19b515333a1f0611d9bc7dc47cc1995902427600a3867b6c3cd4d2a1fd00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Frame ID: 5F579B1FF4F35EFBC69AED72C18BD16B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: CDFB72EC2D8787FAC458B94AB17F347F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3E1D7AC0A1EA7DF26BA531A3010DAA13
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

La Boutique des Gifs Transparents - Accueil

Page URL History Show full URLs

http://gif-transparent.fr.gd/ HTTP 301
https://gif-transparent.fr.gd/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

100
Requests

95 %
HTTPS

54 %
IPv6

18
Domains

29
Subdomains

25
IPs

4
Countries

6627 kB
Transfer

8369 kB
Size

18
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gif-transparent.fr.gd/Services.htm
Title: ici.

Search URL Search Domain Scan URL

URL: http://gisoft.ca/
Title: Graphiques et designs

Search URL Search Domain Scan URL

URL: http://3dscreensavers.xyz/
Title: Écrans de veille animés

Search URL Search Domain Scan URL

URL: http://www.photos.gisoft.ca/
Title: Photos gratuites

Search URL Search Domain Scan URL

URL: http://www.free-png.gisoft.ca/
Title: Image png gratuite

Search URL Search Domain Scan URL

URL: http://www.free-textures.gisoft.ca/
Title: Textures gratuites

Search URL Search Domain Scan URL

URL: http://www.art-visuel.fr.gd/
Title: Composants web

Search URL Search Domain Scan URL

URL: http://www.gif-transparent.fr.gd/
Title: www.gif-transparent.fr.gd

Search URL Search Domain Scan URL

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gif-transparent.fr.gd/ HTTP 301
https://gif-transparent.fr.gd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://t.adcell.com/p/image?promoId=364263&slotId=105746 HTTP 302
https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg

Request Chain 80

https://gcdn.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4ED4AFC587C015C4DF9054446E998945DF2609B1.45A51D0DD78A4D9121C70C2209BCB2675A72F9C7/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-q4flrnez.c.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/426D88384BD86A216CF028502655881106AF6615.5DE5D00398A6A146BC2753981B27F71796B878CA/key/cms1/cms_redirect/yes/mh/7B/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnez/ms/onc/mt/1707945176/mv/m/mvi/2/pl/48/file/file.mp4

Request Chain 91

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhigpYyCAiABMAE&v=APEucNWfRY9EQgYxY9A6JCZm6oPAjLBuDAN_i5Ey5ENYMiXAsS5tCUZS-B_RzbCmdWhj9ahu5Xl1bCHz71wxEyXP_1ibJTx3OBSWlo4pEFbbrhyshOSKPRw HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc00fdHM420AAEm3AC5t3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzmnWmOLUIvA-Rgqr91TAE&google_cver=1

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
gif-transparent.fr.gd/
Redirect Chain

http://gif-transparent.fr.gd/
https://gif-transparent.fr.gd/

39 KB
10 KB

1003ms
211ms

Document
text/html

193.238.27.28

General

Check archive.org

Show headers Download Go to

Full URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN (),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: 854bb85e65ddf4a6ddc7cdf897d33bf02260cd5ef03724ad7cb4501b8507d197

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Wed, 14 Feb 2024 21:45:28 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 773216666
X-wm-1: b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 14 Feb 2024 21:45:27 GMT
Location: https://gif-transparent.fr.gd/
Server: Varnish
X-Varnish: 777542542

GET
H/1.1 200
OK style.css
theme.webme.com/designs/flexible/css/ 9 KB
3 KB 933ms
146ms Stylesheet
text/css 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.webme.com/designs/flexible/css/style.css
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: daf3c668f974a9d8b1145c5a5ab9b7add34979e366cece3493ea6a9e26b63608

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Content-Encoding: gzip
Last-Modified: Tue, 27 Oct 2020 14:05:25 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 24855
Vary: Accept-Encoding
Content-Type: text/css
X-Varnish: 745550287, 742854806 736270095
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3004
Expires: Wed, 27 Mar 2024 14:51:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 224ms
93ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcdf78dae3209f365b757a2879ae87ff7c2e9626e274636cffcdc262ed3bf621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51120
x-xss-protection: 0
server: cafe
etag: 2400446189073329995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 14 Feb 2024 21:45:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 221ms
95ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6278991490888262&host=ca-host-pub-1483906849246906

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31e677d0a57c3664d17b4ac8a29a9875cd8bcbb437f8bd96c20c57a745aa3ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Origin: https://gif-transparent.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51461
x-xss-protection: 0
server: cafe
etag: 10655631773069743811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 14 Feb 2024 21:45:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 219ms
65ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca13ee2fe4dd6cba99bb247b69ac1ca10ca53ef6291c4cc10dd9afe71d30a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gif-transparent.fr.gd/
Origin: https://gif-transparent.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 21:45:29 GMT
content-md5: k9ytDae7vODEbZHEBfZvRw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: 6cLk/MkY2ZrxCXzWI9vJ2OTmWNSXtFSwBk36zXY3nvwhk0EsWrqj5l51y8vC0NUX9+MDi4chPrSgjzXUFBkSxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b938b559e175fb664c96b35fc717a8ba
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "da2ef0da201ccd2390e7fd7c31f96ebc"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 14 Feb 2024 22:04:13 GMT

GET
H/1.1 200
OK us.png
theme.webme.com/img/flags/16x11/ 550 B
964 B 935ms
147ms Image
image/png 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/img/flags/16x11/us.png
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 67d775f6f2233b3c83bc2c077c5ed3bf52a27b0699d4abb8f48bbee09768f83d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Wed, 23 Sep 2015 10:37:18 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 64246
Content-Type: image/png
X-Varnish: 664668445, 742503220 731399829
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 550
Expires: Wed, 27 Mar 2024 03:54:42 GMT

GET
H/1.1 200
OK fleur_3.gif
img.webme.com/pic/g/gif-transparent/ 13 KB
13 KB 933ms
296ms Image
image/gif 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/fleur_3.gif
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 9b4aa26d704a01ec257b8e4d82d657184b6793c5b86db23b9cd7d0fe4014d0cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:28 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:39 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42072
ETag: "5497279b-32cb"
X-Varnish: 709534856, 741142763 734070955
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13003

GET
H/1.1 200
OK mouche_flip3.jpg
img.webme.com/pic/g/gif-transparent/ 30 KB
31 KB 148ms
148ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/mouche_flip3.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 66864bc3eeb0dd6798093a6248c1726d1db63dfbb7f1868e6583f8588f92eda8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:44 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42072
ETag: "549727a0-7962"
X-Varnish: 706990160, 742503246 728361253
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31074

GET
H/1.1 200
OK crab_flip2.jpg
img.webme.com/pic/g/gif-transparent/ 34 KB
34 KB 591ms
296ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/crab_flip2.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 59034a63f5d470f3957a906792ffff47473dc0835ad2ae0cdc2e2b8efa2023a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:35 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42073
ETag: "54972797-8693"
X-Varnish: 709534858, 741142857 733974165
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34451

GET
H/1.1 200
OK fleur_flip1.jpg
img.webme.com/pic/g/gif-transparent/ 33 KB
33 KB 599ms
303ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/fleur_flip1.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: a38fea5c8f84941de0c42ce14b90de271a93e46295631ae8176c389899b70655

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:39 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42073
ETag: "5497279b-8210"
X-Varnish: 702998310, 742503289 733974168
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33296

GET
H/1.1 200
OK gag6a.jpg
img.webme.com/pic/g/gif-transparent/ 205 KB
206 KB 604ms
308ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gag6a.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 8cad19a148118c7492f1d9b5dc440c14b153a6777f94603669260509a8884917

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:41 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42073
ETag: "5497279d-33591"
X-Varnish: 709534860, 741142861 733818774
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210321

GET
H/1.1 200
OK gag5a.jpg
img.webme.com/pic/g/gif-transparent/ 242 KB
243 KB 621ms
311ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gag5a.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: d5ea1cf0841ba567f52ff9d7b4ed9cadcc4beb40cbe0415ff021b8f3574e7c97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42072
ETag: "5497279c-3c8dc"
X-Varnish: 708402528, 742503297 734070960
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248028

GET
H/1.1 200
OK gag4a.jpg
img.webme.com/pic/g/gif-transparent/ 197 KB
197 KB 718ms
143ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gag4a.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: eda1cffcf01e613c5bb2adf37efc6866c328e6cdb72a9b49d4bccdcd4affe350

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42073
ETag: "5497279c-313ae"
X-Varnish: 707390313, 742724879 728361266
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201646

GET
H/1.1 200
OK gag3a.jpg
img.webme.com/pic/g/gif-transparent/ 235 KB
236 KB 148ms
148ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gag3a.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: d00ec0830aa04065436640a8be0338389970dddd42004b868ea911b4b58a79ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:41 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42072
ETag: "5497279d-3ace9"
X-Varnish: 707390315, 742503317 734070967
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240873

GET
H/1.1 200
OK gag2a.jpg
img.webme.com/pic/g/gif-transparent/ 215 KB
216 KB 148ms
148ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gag2a.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 32f2cc572165762af8fdc9181806ae914af89b46370741f7b186548566c7a435

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42072
ETag: "5497279c-35ca5"
X-Varnish: 707688412, 742854818 728361271
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 220325

GET
H/1.1 200
OK objett.jpg
img.webme.com/pic/g/gif-transparent/ 9 KB
9 KB 144ms
143ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/objett.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 11f8ede7eb95a541830f565fe8a2047889ed5b0d9194e4339a1bd047212f5a31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:45 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42072
ETag: "549727a1-22d8"
X-Varnish: 709920376, 742503419 734071016
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8920

GET
H/1.1 200
OK exemplet.jpg
img.webme.com/pic/g/gif-transparent/ 8 KB
9 KB 148ms
147ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/exemplet.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: accd9a9e5c3f64d794eed94c10c3d32dbdf7a17081224c27312e93f0c6230d2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:38 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42070
ETag: "5497279a-214e"
X-Varnish: 708402644, 742854901 728361333
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8526

GET
H/1.1 200
OK animationt.jpg
img.webme.com/pic/g/gif-transparent/ 8 KB
9 KB 148ms
147ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/animationt.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: b7f58236bc03c9463fa9e2e60952c203beba7fd7062b79e1b5f8d9f326c4b6f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:28 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42071
ETag: "54972790-21fa"
X-Varnish: 708402603, 742503461 728361285
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8698

GET
H/1.1 200
OK texturest.jpg
img.webme.com/pic/g/gif-transparent/ 8 KB
8 KB 143ms
143ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/texturest.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 4bd55b4910bf237f27b7339ef40e6bb8a874172331f8485bfb255006e512ee96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:49 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42071
ETag: "549727a5-1fbf"
X-Varnish: 707744922, 742503487 734071073
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8127

GET
H/1.1 200
OK gifgagt.jpg
img.webme.com/pic/g/gif-transparent/ 8 KB
9 KB 148ms
147ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gifgagt.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 53a07140ade0e37536541147b1af0ac2aaa0e4d5bc0031ff4befffababf0277c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:41 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42071
ETag: "5497279d-21cc"
X-Varnish: 709054248, 742503493 734135419
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8652

GET
H/1.1 200
OK gifanimet.jpg
img.webme.com/pic/g/gif-transparent/ 10 KB
10 KB 148ms
148ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/gifanimet.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 332625ab6ceb803fd324ce17122d159c3ae73ad98aa1c1acf2a7bc16c201ad52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42071
ETag: "5497279c-273a"
X-Varnish: 708402597, 742503495 733818781
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10042

GET
H/1.1 200
OK poemet.jpg
img.webme.com/pic/g/gif-transparent/ 8 KB
8 KB 148ms
147ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/poemet.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 62b1cf64640b6034edf08634cbcd0356558e1b662c36e8d8dbebde727f736b1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42071
ETag: "549727a2-1f6f"
X-Varnish: 707744924, 742503497 733236786
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8047

GET
H/1.1 200
OK photot.jpg
img.webme.com/pic/g/gif-transparent/ 10 KB
10 KB 143ms
143ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/photot.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 8750ac234f66fa1800146173d63747d96c6b6f08d2ac89add6fd9d98d4aaeeef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:30 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 42071
ETag: "549727a2-2746"
X-Varnish: 708402601, 742854979 734071070
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10054

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 193ms
61ms Script
text/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 20:11:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5652
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 14 Feb 2024 22:11:17 GMT

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame 7680 2 KB
1 KB 442ms
321ms Document
text/html 2606:4700:3037::ac43:cc74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cc74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8af793ad5510b441d1103af7a7f136afcc7dad807ba2dd0e5c5620dfce8f4c1

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85587f965ba2226f-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 21:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmpKEpl%2BQpneU3j%2FJZtqvEiFAzZ0x8CQk4xY8G%2FK9aT%2B3X0XRNn5IePkmDKbJoNLxRJrHVQJpY4IOjbEFnBMLishX9IRxNIWFpjUoaINLTrumQdtjlqYivBh22rKAnny7IaHTvpyZ0abvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK body-bg1.jpg
img.webme.com/pic/g/gif-transparent/ 33 KB
34 KB 549ms
290ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/body-bg1.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: a131464dbb7a8c140841dce792af537ea986cac65997197501e1c4188ad3f7e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:32 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 23941
ETag: "54972794-8564"
X-Varnish: 740371292, 741142855 734579030
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34148

GET
H/1.1 200
OK bg1.jpg
img.webme.com/pic/g/gif-transparent/ 236 KB
236 KB 414ms
148ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/g/gif-transparent/bg1.jpg
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 6e8d74382a77f017db6806fb60329150d813180bcac817eb66c328b22d68fb5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:29 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 21 Dec 2014 20:03:33 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 23941
ETag: "54972795-3afb6"
X-Varnish: 740371294, 742503291 735167606
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 241590

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 407 KB
138 KB 112ms
111ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

937a3305c7328dac67ee8b16594dc968c77128182a15a5a4b37314d74ca39086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141257
x-xss-protection: 0
server: cafe
etag: 17706908278619658644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 21:45:29 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/ Frame 06D8 9 KB
5 KB 199ms
63ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 23:31:31 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 23:31:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 WidgetV3.ashx Show response
ssl.microsofttranslator.com/ajax/v3/ 82 KB
35 KB 397ms
67ms Script
application/x-javascript 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.microsofttranslator.com/ajax/v3/WidgetV3.ashx?siteData=ueOIGRSKkd965FeEGM5JtQ**&ctf=True&ui=true&settings=Auto&from=fr
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 60245caf8ee6fbf73f721bf5dd26ee546f70a5234c4f2b751e77af57a71fed8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:29 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
cache-control: no-cache
x-ms-trans-info: s=11C1C, V2_Soap_GetAppIdToken.BNZE.1C18.0214T2145.7D4D16
content-length: 35777
expires: -1

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
122 B 77ms
75ms Image
image/gif 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73062162&utmhn=gif-transparent.fr.gd&utmcs=ISO-8859-15&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=La%20Boutique%20des%20Gifs%20Transparents%20-%20Accueil&utmhid=643883303&utmr=-&utmp=%2F&utmht=1707947129419&utmac=UA-20061903-1&utmcc=__utma%3D59413947.728424841.1707947129.1707947129.1707947129.1%3B%2B__utmz%3D59413947.1707947129.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=719721290&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
194 B 62ms
61ms Image
image/gif 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1571496421&utmhn=gif-transparent.fr.gd&utmcs=ISO-8859-15&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=La%20Boutique%20des%20Gifs%20Transparents%20-%20Accueil&utmhid=643883303&utmr=-&utmp=%2F&utmht=1707947129424&utmac=UA-20061624-1&utmcc=__utma%3D59413947.728424841.1707947129.1707947129.1707947129.1%3B%2B__utmz%3D59413947.1707947129.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 00:00:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78313
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ed99ce9609631dfc24219801169076e6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79f2d6861f02a4f7b63b8866ee7280c756cc358f1fd45233e121547b459868f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gif-transparent.fr.gd/
Origin: https://gif-transparent.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 21:45:29 GMT
content-md5: 0ein0Vl39Dkr9InVML18Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87208
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: WbuIHa3BRWMpdKLOZepzZB93U4V939Ehagj4n9EbEKlj8azdkSch0dRnEmjmkEdhEloaFBLRkktAnhEIBmzFYA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5003d9552ead7c6a15b89c628606924b
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "4dd2914abcd3062a7deff60fc378962c"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 13 Feb 2025 20:11:09 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3AB6 287 KB
72 KB 737ms
723ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6278991490888262&output=html&adk=1812271804&adf=3025194257&lmt=1707947129&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129241&bpp=5&bdt=990&idt=237&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1207082999616&frm=20&pv=2&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aca2eec6e1d7fc40a1e38889587a1ebc77cd8c4660cf88b45842dfd288a10f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73007
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:30 GMT
expires: Wed, 14 Feb 2024 21:45:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 122ms
120ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C24 603 B
211 B 112ms
98ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=772879325&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129246&bpp=2&bdt=995&idt=259&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1207082999616&frm=20&pv=2&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 663B 603 B
211 B 107ms
95ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=626710196&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129248&bpp=1&bdt=996&idt=271&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C72 603 B
211 B 110ms
99ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=482049734&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129249&bpp=1&bdt=998&idt=289&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=295

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F06E 603 B
214 B 103ms
94ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=1176748307&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129249&bpp=1&bdt=998&idt=303&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7688 603 B
211 B 111ms
103ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=396006072&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129250&bpp=1&bdt=999&idt=317&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=321

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF1E 603 B
211 B 104ms
97ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=836460798&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129250&bpp=1&bdt=999&idt=331&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=334

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 21:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
www.mr-shop.de/blog/wp-content/uploads/2023/12/ Frame 7680
Redirect Chain

https://t.adcell.com/p/image?promoId=364263&slotId=105746
https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg

33 KB
33 KB

1077ms
170ms

Image
image/jpeg

87.118.71.104
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Server

87.118.71.104 , Germany, ASN31103 (KEYWEB-AS, DE),

Reverse DNS

s4007.hqgmbh.eu

Software

Apache/2.4.46 (Ubuntu) /

Resource Hash

461883ddb966b115df5d132b4d91bbf74e88a676b29a3e56c12a78c62da8020c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:31 GMT
last-modified: Fri, 15 Dec 2023 08:12:34 GMT
server: Apache/2.4.46 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 33602
expires: Thu, 13 Feb 2025 21:45:31 GMT

Redirect headers

date: Wed, 14 Feb 2024 21:45:30 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://www.mr-shop.de/blog/wp-content/uploads/2023/12/2023-12-13-Banner-Adcell-ICONS-300x250px.jpg
cache-control: max-age=0
content-length: 0
expires: Wed, 14 Feb 2024 21:45:30 GMT

GET
H2 200 view Show response
t.adcell.com/p/ Frame CF15 42 B
420 B 465ms
303ms Document
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/p/view?promoId=364266&slotId=105746&pv=1

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
content-type: image/gif
date: Wed, 14 Feb 2024 21:45:30 GMT
expires: Sat, 11 Jan 2003 12:59:00 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
pragma: no-cache
server: myracloud
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame 9964 1 KB
2 KB 590ms
223ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNzk0NzEyOX0%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 21:45:30 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET track
fwd.fwdtrk.com/ Frame 9964 0
0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 6118 399 B
734 B 636ms
164ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjcsImNyZWF0aXZlX2lkIjozNywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNzk0NzEyOX0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 4d2ef7ab2061b31b72985be0c608a497c309000f742a40f2ed8e951d5d496155

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 21:45:30 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 165 KB
56 KB 94ms
94ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/reactive_library_fy2021.js?bust=31081169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f43c2ef72129ed9c9d2558868a4e55df300fad1e7a474fba8a18dfffa8bdf6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57026
x-xss-protection: 0
server: cafe
etag: 17131704289910158997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 21:45:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 142ms
141ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&hl=fr&pvc=58783134581112

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gif-transparent.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/ Frame 2FD0 9 KB
4 KB 64ms
63ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 23:44:55 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 23:44:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/ Frame 4AB6 9 KB
4 KB 68ms
67ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gif-transparent.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 79235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 23:44:55 GMT
etag: 3890843268177463596
expires: Tue, 27 Feb 2024 23:44:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2FD0 5 KB
1 KB 277ms
77ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 20:01:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 21:45:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2FD0 205 B
295 B 261ms
65ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:04:27 GMT
x-content-type-options: nosniff
age: 45664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Feb 2025 09:04:27 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2FD0 604 B
1 KB 260ms
64ms Image
image/png 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:02:54 GMT
x-content-type-options: nosniff
age: 45757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Feb 2025 09:02:54 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/elements/html/ Frame 2FD0 15 KB
7 KB 261ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6491
x-xss-protection: 0
server: cafe
etag: 466061988171370325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:32:24 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/elements/html/ Frame 2FD0 22 KB
9 KB 262ms
67ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:32:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/ Frame 4AB6 23 KB
9 KB 319ms
129ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:29:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4AB6 9 KB
846 B 269ms
80ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 21:11:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 21:45:31 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 4AB6 15 KB
3 KB 426ms
238ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:53:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 08:53:38 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 4AB6 378 KB
132 KB 253ms
65ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 08:58:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 4AB6 20 KB
8 KB 266ms
79ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:29:09 GMT

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame 6118 404 B
731 B 156ms
156ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=bbcf19b515333a1f0611d9bc7dc47cc1995902427600a3867b6c3cd4d2a1fd55&ci=yCax6Lo8&its=9F%5Bt%2ALq5d8bB%7DQD%3BykPWbUW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: fe6fc2f7916a8cc240199d8a43a6bfca51d165c35635ca00ee5235eef19d59b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 21:45:31 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 css
fonts.googleapis.com/ Frame 67F7 14 KB
1 KB 79ms
78ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 20:49:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 21:45:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 67F7 2 KB
875 B 63ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:29:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/ Frame 67F7 23 KB
9 KB 70ms
67ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:29:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 67F7 3 KB
1 KB 81ms
78ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:29:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 67F7 20 KB
8 KB 63ms
60ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 23:29:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 67F7 204 KB
61 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62867
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 22:31:40 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 67F7 36 KB
15 KB 63ms
61ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 21:48:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 May 2024 09:10:07 GMT

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 5F57 342 B
667 B 171ms
170ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=bbcf19b515333a1f0611d9bc7dc47cc1995902427600a3867b6c3cd4d2a1fd00&ci=yCax6Lo8&its=9F%5Bt%2ALq5d8bB%7DQD%3BykPWbUW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=bbcf19b515333a1f0611d9bc7dc47cc1995902427600a3867b6c3cd4d2a1fd55&ci=yCax6Lo8&its=9F%5Bt%2ALq5d8bB%7DQD%3BykPWbUW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 10781190da858732c0576b589e2f3aa9fc8d63d75b2e4c0b957f3bf28e89e960

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 21:45:31 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame CDFB 51 KB
19 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 09:02:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4AB6 0
45 B 838ms
271ms Ping
image/gif 2404:6800:4003:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsmbmguo&c=7995336274121&slotId=3997668137060.5&qqid=CL_71-_mq4QDFRwGRAgdtYAH3g&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AB6 15 KB
16 KB 203ms
62ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:14:54 GMT
x-content-type-options: nosniff
age: 77437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 00:14:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4AB6 15 KB
15 KB 201ms
78ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:04:58 GMT
x-content-type-options: nosniff
age: 45633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 09:04:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 0
20 B 123ms
122ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CC3O8eTTNZf_aKpyMkPIPtYGe8A3P3NmNafPo-celEp_sor3AARABIN7p7J8BYMmGgIDco8QQoAH-7ra5AsgBBagDAcgDmwSqBIACT9AE-fYfMrsN2jnH3sZ7UNmdrmR-k8Rhj854YxAKS7QZLnMMZCNLAFvkYNegVaWRZM58fdmXeYlA70SZIemwul_J_RTUeJD3x3yz7G3rzLTPglAbiPET0Hh3SNqNmzxQYqkcdj02WmMel1q8wSPC_srE48U2QZ0s7SYPNTKVmXjMKRaW_aswXeHa9mcUBbOm8Tr1U5jt5lXFAPU5R3zCiM248QV879Tr0_VnVHxjzxl2wtgtR0VvF2T-Kcmvn_9zVh8gHsE95B9KfInbe_P99bOsapKYIoZTJh9donp-rHZOry68_sLa9MIYlJ-kXy7MD93pkG3AJODrsQZ9cOxYE8AEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1707947131360&ai=CC3O8eTTNZf_aKpyMkPIPtYGe8A3P3NmNafPo-celEp_sor3AARABIN7p7J8BYMmGgIDco8QQoAH-7ra5AsgBBagDAcgDmwSqBIACT9AE-fYfMrsN2jnH3sZ7UNmdrmR-k8Rhj854YxAKS7QZLnMMZCNLAFvkYNegVaWRZM58fdmXeYlA70SZIemwul_J_RTUeJD3x3yz7G3rzLTPglAbiPET0Hh3SNqNmzxQYqkcdj02WmMel1q8wSPC_srE48U2QZ0s7SYPNTKVmXjMKRaW_aswXeHa9mcUBbOm8Tr1U5jt5lXFAPU5R3zCiM248QV879Tr0_VnVHxjzxl2wtgtR0VvF2T-Kcmvn_9zVh8gHsE95B9KfInbe_P99bOsapKYIoZTJh9donp-rHZOry68_sLa9MIYlJ-kXy7MD93pkG3AJODrsQZ9cOxYE8AEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4AB6 0
225 B 780ms
268ms Ping
image/gif 2404:6800:4003:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsmbmgv6&c=7995336274121&slotId=3997668137060.5&qqid=CL_71-_mq4QDFRwGRAgdtYAH3g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1h4&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4AB6 33 KB
19 KB 228ms
88ms XHR
text/xml 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CqmWPHWe7RFJqwoqBpIbVKreHIq2vuCEEdhaMNknRgDx0cqPIQ6lrpVUxS0cmPzyyTwQhdoXfWyHEGeVRQwn4CV3AxMg&cry=1&dbm_d=AKAmf-DlQ56boPsgrlV448j2zMUg-3yU_lFx798TIZjSrbgD00FHXQ32QkJgrr7j7VqpqTc3M9LGV2OYihFkWQv7s1JZGMma5XLgx6-fJcCYh3bPc3lrJTHvuYgagYiKe0Xipkd89qQPFRn3j8UFKTmVsmsGgNi4htCrqkCzDcVxeWHHMvgO33_9S0-joOX1eqkKWJEQlGRCguVN9N-e9YMLknupasrDR8QhMnDyfI-stvkARA47n3qvPaLsM-9Ysj4ewMcU-u1tNR3DINbfhACQdA2r9-SLv5a2fjfpSEkOSwoCMeVafedPn1i3HezRqOhWbq3TjPuDAwb1OhJAxSnUYaFP0HUUOsLX7keThsknR10KIx6Bw3aR25UKWkT5keX-bux2kkqHonFkRpPLZlXzO3IRwdsnjy12EmfnwlKgxfIdrY5BPh4KbHfimVq8yRdqKSocgIqfSHRt1zFiWO7CuUn8nJlJFz8U1F6aw74D3oGYLjk_T-N3mBXcH62d8A3wH7NerxZ1XRGnYkg0NjINvsuWYwR2omKsdUngrw0BEVMnqmQwgaHhcOgfsQrUsU7A5OCKXp7HWxrCZYJJRUZc2klIf_hmkG1k-uE5XukOpnAUZmLVeXtmo_kMh8mnjIR_3PyRKkRerLo8rBWTxBZtXKGn-KTKluEel939qwCK9j3X1xjNX9wArkRCziksiExFS0KVYvc4AWfU1ARiEjUeBZsXtpmGp6XOZpbZamWy30KQ8gfn29CA7Mu8LDrfkk2ls7hqk_P-Y-65-lGAlcqYuqpYTy2cD0lWIeq01s9z3xiumAn-9ZHTR1U6rv-P-efmXfYrrdceHRshFOlZsZWLLWp-PU1WKCzYdQbGjO1LTAY_koDiGbSrDwwztFRTsxn-d5npYVAZ7Tyh5mFvToxV0Ry9uWiAbTdFSsIxsThtRsVsOEJTzmeO5l7Ao7k9-BcNUbTDaLmfGpdvJ0Bs2Gc7H-3qaxHBewoeRFw-JY8NjAHtK5qUI85z6wbrKujyH2DoFVcaDJ8BanUodf1ZVpmbTlXTIeaPxBe3hnZD0L0ajXL2gxnee_eLe91-FLBIYBp4j77PGP8GwkDKvDom_AzcN_z1lg-PSwBtOfydaiYYf3loPdC_GdD1tT5dczhiFyKqQytzJnR93ASyu0Wtd5NdMuevxHnIkGAzfXSqLWEAKcy21XeuFbc-fSSnoi2Ey2k6XZoTgKUvWqzpN_tRKR9e5sVHOoQaaIeizxm0m_uMoSY3sYdEzgblrpXo6p78nTenT_q603Mw0cZrRO2QzdfvKUJ4e5zB3GEy56_e1nhIVmkmqa0kaG-Xe_ku8arWtVfN8g99x6RK9lmuyn__WCtcLOd1shE7kddAtLlMFcNgWZWtMn2xLHLuYFaI396oBxoYTNnNYBPcGnqYF-Oj-ZAwjaTs3GI6b3wJ8Az8GOKxF9XpME723npd2v3TZxRWtLLJgGT7HqDCK39jI_k9X16HdCiH2X97AbbzrOGtQlWmS-urEvq_oNaLRvdubVrK_-FtbTbvv-_V7AilTdYsqZcF3jC70-ld0CvT9fJxSHXIU9j8lV4csn34VpxqoQPLsYrvLUNjER9ACcr36lIb5pojqjhfefp6SJAQsnM1TYXHmBH0RXRaomhj0LSPxy7A4sLJ6GI2NLDQh0q8Q0TFsHMhF1FrKsQ95tF1UOSLFif4FSbRDKhtG1GBGkI8127uHc6S8teFR_vsje-AJPpmxuB7b-4yEuSS7gcWGB7dbIt8rDtbDJMyoSKy9ylDxv1eg70n4KMmJnl5b-7ZEBtPVMtZWEeR1EQONRjI15JD0Ha-4ak1xVj8FQtxjRQ5UBwwG_EaCJuv8QGWi7pTQ7KAPredIADMXUCTssjEqyTTCXjt4Rxcy8WOYoVVq7tckUrOZwvDIxoMydMQhjU9SlFF0hzzvNiSIUmgDW1Wnvrkbh6zYK0NO3GVZwIos_mId5Gw05K1I9ciDIRYdtvhmoz5KwWyFLBaGujNLuSMJ6EMokfMZsjqF_K5XJYEJhNc5pcQWobS_lRAhd0ZrRBOF3kUXZMhy5A1kd8uz0srmihgUkgX3gxppEWtgiofKTK-ymdWF--5WMdEC_x0Fv1OGusUBlZx5MMrYWKhXc1gLRz9C9_PQFu_otUKIMi0sd8G4gnaqsD9f5qluk1IdmbDwALdbVILO9HfcLR70ihw8xAvIsG6FwgQmA4a2DrHJNgBhGkvaN3tar28LJswys1GAFw2F7kRO2edXzNYmz8_ecuZV7oFa5m3mxetcnAZT85R6wa_b_cmPNWHHVBipTtkOhbq4Ukg8oaEZJ8gybl6_dPczmUN8X1VcTtNc2gvOObvRHsyeCYMKEDmmE9uVvjN5oSeoemr6xwFIjeScg6CEfMz7r9y96H1_rlx3x2fPTroWiP-t6raXin7txx06X3dSt3S6IEAJJ4lkCIN3BfVkGkYY8OGQ1rGAts9fA5PPYhEPU1JbomnGVaoR4ZmJdVoiFbUd6jxaiDX3HPE-XHMLI0E_DUv5x6a3ON041IOye-eYrhwUPqeStHHFK5Nj_hUHyuyglIaQXgn7h-Bc6oFlb0RsI_WC1EkG2c8Yb7gYzQ2q7N7dZMXYdo7PltdkJxKh-CsrmrmvlveAUgXhNB141N54jm0gu8yHnmJ00VQn_4Z3CbN_o744jvnSS9koXYO53Nyfebpzimnxhw22-96MzdsrcXHrUix5q_5mzcDKh13e4mhGz3W7tjaEMDY_9iQLnqGIzX_KIFR6qXWXRNZ_w_f6J7mzGjSkl0rvfM01wcfpfG0N0D6oFWuI1G5XxqLRpkRoGNu_ecPtAjxfUql1yO4vG-OAGtPkY_uw6EG7MZYyFsJUqQ3c9t7whCQRFzGQH2ymG2yXFtGtb8LJVLgLl-jQIKMLyXUswdYM4FKY9iTQVXU0mYKfAJRlEeFuWM68ohC8BurHd4H6mARvXPNKevOSntFh_GcmlMzmh_0MECbAjdr2UcmcVAOCoMjBHoNo53_fCLIxKwavXPidkD3ZP6lyfAMqXXHX6PQ6p5_ocqGsGeN_Y8KRygur6zMUdeZKjyQcU-1tRazQsrPZ27XJfxaiQ5i55hyV1KZ7qfdPTgDpGXjhNSDh3AgV3gI0Wp0uwtr8LwwLn19s72oO0-eFh7NzXVSqkIEBc4Fc64RGjTohChzfNwpDMsSXV3433HVrVWMzwPkCxkA-Fnwv1b_2N9d8NYgtwiuuV7LDiay1GNt2vmTEvQyKeX4QSfsHPUS5R3LDez0WW3eHCM4kgpOpvEOuNJmvtQEEVp5njz-6uCSb5dBBMxO4p_kjOxbQPdkr_HR6NneHcn8zYTZsZNxJEP89DB1Zck5RkOVnvFXHfK5eqc06QRFbhPRRfJ8nhsPta0zzUXMo45WZt0Cu8LLPDQjetBnst2O-29wAxDPr5uGIRu_QsSkZQpuvZDc5eKTBQNs2dzVD_VpmWz2VlCwUgGw6hAPhYTWdtvWsMQ&cid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZN8wHB-aixgbZ7wAd-ZYShTZy6YQjNTVz0YYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

dc3aa103bdfc1e30da65a1e2a161d64cd6bad19624321fa99a31ab5972face9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18351
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4AB6 0
0 96ms
95ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXXTFeTTNZf_aKpyMkPIPtYGe8A3P3NmNafPo-celEp_sor3AARABIN7p7J8BYMmGgIDco8QQoAH-7ra5AsgBBagDAaoE_QFP0AT59h8yuw3aOcfexntQ2Z2uZH6TxGGPznhjEApLtBkucwxkI0sAW-Rg16BVpZFkznx92Zd5iUDvRJkh6bC6X8n9FNR4kPfHfLPsbevMtM-CUBuI8RPQeHdI2o2bPFBiqRx2PTZaYx6XWrzBI8L-ysTjxTZBnSztJg81MpWZeMwpFpb9qzBd4dr2ZxQFs6bxOvVTmO3mVcUA9TlHfMKIzbjxBXzv1OvT9WdUfGPPGXbC2C1HRW8XZP4pya_H_umjjLJYU7oO0nazRNjpPe1vfdntVZucaQsAFdmrU2Zz7JGskFki7fTseJhCjz6zhNojxWxPuPzr2E3zY10ewASTr6_vuAPgBAOIBYaf6uktkgUGCAMQARgBkgUGCBsQARgBkgUKCCIQARgBSPiQe5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHChCcrRkYoKWMggLSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYvdTV7-arhAOACgHICwHaDBAKChDgxoC3yZ_MkRgSAgEDsBPT3sYWyBPVrrcJ2BMKiBQD2BQB0BUBgBcBshccChoIABIUcHViLTYyNzg5OTE0OTA4ODgyNjIYAOgXBQ&sigh=mGx2U6sZxNQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZN8wHB-aixgbZ7wAd-ZYShTZy6YQjNTVz0YYAQ&vt=10&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Feb 2024 21:45:31 GMT

GET
DATA 200
OK truncated
/ Frame 4AB6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c70b2846e6175cdf551fa544eb2164341d3596c08c4b672320d94ec89c3d3f4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET redirect
redokan.com/ Frame 5F57 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 4AB6 0
45 B 525ms
270ms Ping
image/gif 2404:6800:4003:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsmbmgwp&c=7995336274121&slotId=3997668137060.5&qqid=CL_71-_mq4QDFRwGRAgdtYAH3g&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4AB6 41 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 09:07:02 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-q4flrnez.c.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 4AB6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r2---sn-q4flrnez.c.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

197ms
64ms

Fetch
video/mp4

2607:f8b0:4000:45::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-q4flrnez.c.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/426D88384BD86A216CF028502655881106AF6615.5DE5D00398A6A146BC2753981B27F71796B878CA/key/cms1/cms_redirect/yes/mh/7B/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnez/ms/onc/mt/1707945176/mv/m/mvi/2/pl/48/file/file.mp4

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

HTTP/1.1

Server

2607:f8b0:4000:45::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 21:45:32 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4222554
Last-Modified: Wed, 20 Dec 2023 16:17:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 14 Feb 2024 21:45:32 GMT

Redirect headers

date: Wed, 14 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-q4flrnez.c.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/426D88384BD86A216CF028502655881106AF6615.5DE5D00398A6A146BC2753981B27F71796B878CA/key/cms1/cms_redirect/yes/mh/7B/mip/2001:550:1d05:1::6/mm/42/mn/sn-q4flrnez/ms/onc/mt/1707945176/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 4AB6 453 B
477 B 79ms
77ms Image
image/png 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6278991490888262

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Wed, 14 Feb 2024 22:35:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4AB6 0
45 B 516ms
273ms Ping
image/gif 2404:6800:4003:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsmbmh3t&c=7995336274121&slotId=3997668137060.5&qqid=CL_71-_mq4QDFRwGRAgdtYAH3g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2048&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1oj~atrd.1oo~videopreviewvisible.1oq&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E1D 23 KB
8 KB 64ms
62ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 563384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 09:15:47 GMT
expires: Fri, 07 Feb 2025 09:15:47 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E1D 39 KB
15 KB 61ms
61ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:48:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 19:48:08 GMT

GET
H3 206 file.mp4
r2---sn-q4flrnez.c.2mdn.net/videoplayback/id/1ee4a120ca1046b2/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3847537073/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 4AB6 4 MB
4 MB 138ms
67ms Media
video/mp4 2607:f8b0:4000:45::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:45::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

081c32749ffb6ccd167010a554c7a19e3bf52764b0bee01a4718a1182fb6626d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 14 Feb 2024 21:45:32 GMT
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4222553/4222554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4222554
last-modified: Wed, 20 Dec 2023 16:17:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E1D 0
20 B 124ms
123ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9QNBezTNZYTSJL3YoPwPsaSM0AIAAAAAOAHgBAI&bg=!wcKlwo3NAAaxkZ3akZE7ADQBe5WfOMpwN8UMtcXPHx8j2U94pckbSN6lgUIxKjgeKB3ZCIlldkF2urjxu9JAJ6Uy5CTqAgAAAMRSAAAAA2gBB5kC72yDQdERYiiCpxneQXg_PmV_btEQtR5bCxl_WQCszKcDdcWY1cW489kBBEx0_ioflbakNFRlsMcSAfy2LYaEpsW6xOZwnwc6qx9yZh4pDFsAsbvWi9z2w6B-7QKeU_VCiuAgjbVoEKbd4sNR9w1Ml-lYJ_VHYbvS9p31NxFZVbsOoQ_GZpX2G_cSM8XvuSZPURisd48qmV1i-awlgom5MqpRj1pFUkTjx7q-YjtwrxkJxBr99qTUwtVT74MSCGGSdUywSJs1gbO23lDJX9NfmqGQBRRvvUWHFO9j4VNNmU76crdeF4aO6xDn9Xm6Fd1dWh-mtlL4wuGHU3nXQmvxn6jozmm15QB61WRKqYQ4TZuPYZgSz8Yb2K2ZVLI9yA9u3j5U4cOKQpFXeSdv-GF8iafHFSNaPY1E46ck7tTcaw0X2iRH3KD9yHN6L5o49xJjKnM1sqB5eesSrpf2-XhAKeYgrBB3Kq8kO_rhR1-fmTylU1ARJyYb7UwQBtoSWg8207251sl1nYnO0C_CUS3EsL2xxKIcaWiW1FH48kxfLqj787_9MOozpU3tasaDcIwo1SQUCim6VnA-DAUMnZ7vQ-mNGLzCyaKxYlxyehLk_0oFnbSwyCAeo26vNeuf3E1_0SppJ1HAHuZGel_9jVQFPlriGr1MPOn47DyE0o7yxeKgPYunCjwa7txDbWg_pgQw64bqAK4rsL6w3cUOw3YitGBPp3d5KcUfBuS5OjtTcKHw4gR-mxi7m4YC59cjcEzXiLZ8jY43-ElW382_fQd67WL6MwsW4vf_h4q34oKdY5gZpjQpjAMR_IZGATjJmdkX1nyeru195NNftcQ-hofJnI36sHMKpjJkifiBbkdOCah7IzNq3hjtrvuZTDNZ0bQ9T5XIP3MR3grXDRwz9X37oKdOWZSPyr06SeUdgEiunw9DzF95fE5gRTuHsOBNA9SKjinV3Am92SwO9UDFAlyDpVq-rBQQ3I9VFCIpDNYjBn0

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIxPvL8OarhAMVPSyICR0xEgMqEAAYACCJ9_hiOhkI-I_4xgEQk6-v77gDGNWutwkg8-j5x6USQhMIv_vX7-arhAMVHAZECB21gAfe;dc_rmcid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZ...
ade.googlesyndication.com/ddm/activity/ Frame 4AB6 42 B
401 B 252ms
91ms Image
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxPvL8OarhAMVPSyICR0xEgMqEAAYACCJ9_hiOhkI-I_4xgEQk6-v77gDGNWutwkg8-j5x6USQhMIv_vX7-arhAMVHAZECB21gAfe;dc_rmcid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZN8wHB-aixgbZ7wAd-ZYShTZy6YQjNTVz0YYAQ;eps=CIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QD;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1707947132762;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4AB6 42 B
64 B 105ms
98ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CC3O8eTTNZf_aKpyMkPIPtYGe8A3P3NmNafPo-celEp_sor3AARABIN7p7J8BYMmGgIDco8QQoAH-7ra5AsgBBagDAcgDmwSqBIACT9AE-fYfMrsN2jnH3sZ7UNmdrmR-k8Rhj854YxAKS7QZLnMMZCNLAFvkYNegVaWRZM58fdmXeYlA70SZIemwul_J_RTUeJD3x3yz7G3rzLTPglAbiPET0Hh3SNqNmzxQYqkcdj02WmMel1q8wSPC_srE48U2QZ0s7SYPNTKVmXjMKRaW_aswXeHa9mcUBbOm8Tr1U5jt5lXFAPU5R3zCiM248QV879Tr0_VnVHxjzxl2wtgtR0VvF2T-Kcmvn_9zVh8gHsE95B9KfInbe_P99bOsapKYIoZTJh9donp-rHZOry68_sLa9MIYlJ-kXy7MD93pkG3AJODrsQZ9cOxYE8AEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=mwJsJY5YBZ8&label=part2viewed&ad_mt=6&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1707947132762

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4AB6 0
674 B 335ms
190ms Image
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJXEnLiO8HNaOg8rfHW5cuiU8cs1t0jTAStU6phvZR7-gV2bTtgljvsKQIsH52ZKMd7pOzyvsWUU2zt5v_eolHIJ-g67A1a8Go3RjNWYiHl-j-XeSNHp1-jLCC0F1tYfvU1M9mqUHuWGHZJYLsdNjugB2zCkvNx8B0LaePfyvv2S2G87sHBxODvJ1Ksy4RkiXb5jGQKtUdrEvMHIu0RTp2T9PI49nbZv8tjp_7_u0N9S9MJFNDvuVCgrrSaY8sOjXU1tBRZfcZx457ty1Es2FIkgTYnyYc3WIlfIb8A1z4CX2k4OWjjHdC_arGakxrOcAXQKTXdviG5agVyYG02vhLFALloZKXVksb1p6517sIXxpqX695XrDq0D1ciif3N_CSfvrbbaxQ6h70QImi0MB2f8249JZmInKi3-W3J5x0CZ0JslBTDE-okA0O0Kg05dEk-y6ELMMD8pq6BCGfMkL7VZBvRq04ofm9dTejnwmHRqBW5xIDEIuE_JdbcfyX7iHl50XMDaXBblKwxN17BgsXJ8Q-IKTacH33nSIHs0_H-vqVphRCVNiYoMphpdI0CP3u_uUSNFZ49ueg-f-BWmMUNtIyXiNrT2cHarhcto5OLGzdOerD-48Pwh8o4OjHOEpSJRhL5wtcn8zGwJloYLgAe8ywxLvQhcIC93p9PWeEFowXGRUqF7m_1SoxrwZP1541gp2dl7LP7YC0971aOMXtPK2FEMIT0sMA88bsgnNFscC-fCdE-LPElbGXDgyEbJixXxy6xk9422ZaGF6zXvs13M9GFrrrikCvayotGFrsXL7IRx8jI6dB6WUhD6ul1oJPKcccxUCne2dUfPQvGJs87ZA5adN7vBvaiC1O4EjATtEIeEF5FFcB1QG2C1PbQIQJqld9o8LKkwi6TuNMA28cB7tToUc51pAesoqoA28jJrusKtMNviAvPTYagb6FUyVrxi6vmadu3bllCdZ0qAllkKjnUNv7Iabon89CKbzW7_frn_0nHrd1kE80YGAeU-gYUdUO1XGfHcG-9gQZuxxryKKrYBEcLq6WD0V-pT7VHxKyQ120qECRBdzWY7DseI3MbtmrrEyfJVHlS09p1qgDtvGy9CeINeekLfXs9QdblQKbCpV3e3dpyfKEZCEDVKzO2ySEwt6doCu60Dl-IRB3yCgL3o2vj73V1fkijARO-u0RSb_dl8lUYAKuY26ZD6sP7dPG9TKL1-cmc8GZgSO1yb0t_y0yEDmSNh2lhhzi0unEQvb2d6ZagwJpUEtRJ99iHJNVA5-xFmdafbLCmgPivATDFQsI9C10Yyf9TY4ZWjcTp1G9ofxJOfdows19DR648kqd1pBhQmSeiMIiUJchWbExtL4p7d_7Pw6UJ1vrV7M0b3wR&sai=AMfl-YQFu9qNTMZJA4NKizTuqU-I0b2rbTbxLMj2nvQDi04VqQpq-V5dwaACldZSpxu6-axIwJWrn6O91El9AZvRMjhmGXg9NUz5uA2Yt2uiF-HAbftb2HGU96CbM_mBcZVcDc5UMhs97ZciydVEE5fTDuIoeTedTGmcGfyIbmMCQeVvhiK7wn4-AbE5xXJwdLSt07JnL1rwOWUm1cGOP3vLvHDv7bIqRvf8902grB4IC1QCu9cKehWjlbMYCfSeLeTholbx9JF27mbrwS8vzKb8_snZnbjaoaXcJyhvLcn26sBxiokj49Yba1QdGFX9jaNN8A&sig=Cg0ArKJSzMEoaLg0_Ep5EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 21:45:32 GMT

GET
H2 200 /
d.agkn.com/pixel/10690/ Frame 4AB6 43 B
612 B 336ms
124ms Image
image/gif 2600:9000:2511:6c00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=3373303294&cmid=31196012&sid=6031710&pid=384587754&cgid=575607317&cid=207502217&aid=9902108&gdpr=&gdpr_consent=
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:6c00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
via: 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: Mia78_v1HHXPQ-S_dPFJLchO7o4rql7cdDhSiRXBb126Vf6vRbd9Qg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4AB6
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhigpYyCAiABMAE&v=APEucNWfRY9EQgYxY9A6JCZm6oPAjLBuDAN_i5Ey5ENYMiXAsS5tCUZS-B_RzbCmdWhj9ahu5Xl1bCHz71wxEyXP_1ibJTx3OBSWlo4pEFbbrhyshOSKPRw
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc00fdHM420AAEm3AC5t3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzmnWmOLUIvA-Rgqr91TAE&google_cver=1

43 B
773 B

78ms
78ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzmnWmOLUIvA-Rgqr91TAE&google_cver=1
Requested by: Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxuIP8Zl1VSVMpThjxDDBs1rNO2iyEPM2J1WXG97ckTEvT4sfTWE0QkWd0mB%2B4FjTzKILSEz5JRRXZ3MCgWGferZwCg3C0W3HVTJRkxhooKlLFPXyv%2BJq%2BzYBq1Ukqa5jMLFwvk%2FybGfHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85587fb06bfd497e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGzmnWmOLUIvA-Rgqr91TAE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 0
20 B 124ms
119ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4AB6 42 B
64 B 102ms
97ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJpOKaRUOl7kaO4CG849DLPzetfiln5DvBnduvMFphCtNKxxLDQ7fnuSNR1uxgfyMN955DQhUnsRJDP5WFTiD1EQeplmsyl2CubUxhjovQ8G3NScrJIuSOC5ngiNi_ZIfRZO3ROFzmio1ziM2Fs0oOQvGLqgZ2I2M&sai=AMfl-YQBdVEZVAVRLNApp_Jtvwanb8oF5tDDgHWuNNFF5EAswNncsNDDaKzZaj47sEvXaavQX3ANYA23a7yuXUicMul5V4idV0vMoyGzRRNHPtLQVhLa1v3MHuWAy1Pi7H2zqlNZ_P574gdySHz99xtcQQ&sig=Cg0ArKJSzKWiRIX1a-KjEAE&cid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZN8wHB-aixgbZ7wAd-ZYShTZy6YQjNTVz0YYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1707947132762&avm=1

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4AB6 42 B
64 B 102ms
98ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CC3O8eTTNZf_aKpyMkPIPtYGe8A3P3NmNafPo-celEp_sor3AARABIN7p7J8BYMmGgIDco8QQoAH-7ra5AsgBBagDAcgDmwSqBIACT9AE-fYfMrsN2jnH3sZ7UNmdrmR-k8Rhj854YxAKS7QZLnMMZCNLAFvkYNegVaWRZM58fdmXeYlA70SZIemwul_J_RTUeJD3x3yz7G3rzLTPglAbiPET0Hh3SNqNmzxQYqkcdj02WmMel1q8wSPC_srE48U2QZ0s7SYPNTKVmXjMKRaW_aswXeHa9mcUBbOm8Tr1U5jt5lXFAPU5R3zCiM248QV879Tr0_VnVHxjzxl2wtgtR0VvF2T-Kcmvn_9zVh8gHsE95B9KfInbe_P99bOsapKYIoZTJh9donp-rHZOry68_sLa9MIYlJ-kXy7MD93pkG3AJODrsQZ9cOxYE8AEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=mwJsJY5YBZ8&label=vast_creativeview&ad_mt=6&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1707947132762

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4AB6 0
54 B 334ms
329ms Ping
image/gif 2404:6800:4003:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lsmbmh45&c=7995336274121&slotId=3997668137060.5&qqid=CL_71-_mq4QDFRwGRAgdtYAH3g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2048&mt=video%2Fmp4&vs=1280x720&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=200487&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.2im~ff.2j2~videopreviewstarted.2j4
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4AB6 0
54 B 268ms
268ms Ping
image/gif 2404:6800:4003:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lsmbmhyj&c=7995336274121&slotId=3997668137060.5&qqid=CL_71-_mq4QDFRwGRAgdtYAH3g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2048&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vfl.2mk
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::78 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4AB6 42 B
64 B 104ms
103ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJpOKaRUOl7kaO4CG849DLPzetfiln5DvBnduvMFphCtNKxxLDQ7fnuSNR1uxgfyMN955DQhUnsRJDP5WFTiD1EQeplmsyl2CubUxhjovQ8G3NScrJIuSOC5ngiNi_ZIfRZO3ROFzmio1ziM2Fs0oOQvGLqgZ2I2M&sai=AMfl-YQBdVEZVAVRLNApp_Jtvwanb8oF5tDDgHWuNNFF5EAswNncsNDDaKzZaj47sEvXaavQX3ANYA23a7yuXUicMul5V4idV0vMoyGzRRNHPtLQVhLa1v3MHuWAy1Pi7H2zqlNZ_P574gdySHz99xtcQQ&sig=Cg0ArKJSzKWiRIX1a-KjEAE&cid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZN8wHB-aixgbZ7wAd-ZYShTZy6YQjNTVz0YYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,160,119,369%26tos%3D2049,0,0,0,0%26mtos%3D2049,2049,2049,2049,2049%26amtos%3D0,0,0,0,0%26mcvt%3D2049%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2219%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D39%26pst%3D208%26dur%3D15018%26vmtime%3D2225%26dtos%3D2049%26dtoss%3D1%26dvs%3D2049%26dfvs%3D2049%26dvpt%3D2219%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2049&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1707947132762

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIxPvL8OarhAMVPSyICR0xEgMqEAAYACCJ9_hiOhkI-I_4xgEQk6-v77gDGNWutwkg8-j5x6USQhMIv_vX7-arhAMVHAZECB21gAfe;dc_rmcid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZ...
ade.googlesyndication.com/ddm/activity/ Frame 4AB6 42 B
107 B 93ms
91ms Image
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxPvL8OarhAMVPSyICR0xEgMqEAAYACCJ9_hiOhkI-I_4xgEQk6-v77gDGNWutwkg8-j5x6USQhMIv_vX7-arhAMVHAZECB21gAfe;dc_rmcid=CAQSTwAvHhf_e1d8RE9PLKXJ6_AwNlwdKf1_A5lBb6q91uPN0kk_TqLYxAUIZmQvRgB3AmVNL6fxZN8wHB-aixgbZ7wAd-ZYShTZy6YQjNTVz0YYAQ;eps=CIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QD;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,160,119,369%26tos%3D3702,0,0,0,0%26mtos%3D3702,3702,3702,3702,3702%26amtos%3D0,0,0,0,0%26mcvt%3D3702%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3872%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D208%26dur%3D15018%26vmtime%3D3879%26dtos%3D1653%26dtoss%3D2%26dvs%3D1653%26dfvs%3D1653%26dvpt%3D1653%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3702,3702,3702,3702,3702%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3702;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1707947132762;ecn1=1;etm1=0;eid1=960584;

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4AB6 42 B
64 B 94ms
93ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CC3O8eTTNZf_aKpyMkPIPtYGe8A3P3NmNafPo-celEp_sor3AARABIN7p7J8BYMmGgIDco8QQoAH-7ra5AsgBBagDAcgDmwSqBIACT9AE-fYfMrsN2jnH3sZ7UNmdrmR-k8Rhj854YxAKS7QZLnMMZCNLAFvkYNegVaWRZM58fdmXeYlA70SZIemwul_J_RTUeJD3x3yz7G3rzLTPglAbiPET0Hh3SNqNmzxQYqkcdj02WmMel1q8wSPC_srE48U2QZ0s7SYPNTKVmXjMKRaW_aswXeHa9mcUBbOm8Tr1U5jt5lXFAPU5R3zCiM248QV879Tr0_VnVHxjzxl2wtgtR0VvF2T-Kcmvn_9zVh8gHsE95B9KfInbe_P99bOsapKYIoZTJh9donp-rHZOry68_sLa9MIYlJ-kXy7MD93pkG3AJODrsQZ9cOxYE8AEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WL3U1e_mq4QDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=mwJsJY5YBZ8&label=videoplaytime25&ad_mt=3880&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,160,119,369%26tos%3D3702,0,0,0,0%26mtos%3D3702,3702,3702,3702,3702%26amtos%3D0,0,0,0,0%26mcvt%3D3702%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3872%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D208%26dur%3D15018%26vmtime%3D3879%26dtos%3D1653%26dtoss%3D2%26dvs%3D1653%26dfvs%3D1653%26dvpt%3D1653%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3702,3702,3702,3702,3702%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D273935202%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3702&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1707947132762

Requested by

Host: gif-transparent.fr.gd
URL: https://gif-transparent.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:45:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=

Domain: redokan.com
URL: https://redokan.com/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=bbcf19b515333a1f0611d9bc7dc47cc1995902427600a3867b6c3cd4d2a1fd00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gif-transparent.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: c8d5e783508352cb9d2e620834475aea
.gif-transparent.fr.gd/	1970-01-21 04:01:47	Name: __utma Value: 59413947.728424841.1707947129.1707947129.1707947129.1
.gif-transparent.fr.gd/	1969-12-31 23:59:59	Name: __utmc Value: 59413947
.gif-transparent.fr.gd/	1970-01-20 22:48:35	Name: __utmz Value: 59413947.1707947129.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.gif-transparent.fr.gd/	1970-01-20 18:25:47	Name: __utmt Value: 1
.gif-transparent.fr.gd/	1970-01-20 18:25:48	Name: __utmb Value: 59413947.2.10.1707947129
t.adcell.com/	1970-01-20 18:28:39	Name: ADCELLvpid12162 Value: 364266-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401707947129
.fr.gd/	1970-01-21 03:47:23	Name: __gads Value: ID=d7e1717477424474:T=1707947129:RT=1707947129:S=ALNI_MbHQzbo4t3liNWqc4FG-CelxOCsZQ
.fr.gd/	1970-01-21 03:47:23	Name: __gpi Value: UID=00000dc9f552e2b2:T=1707947129:RT=1707947129:S=ALNI_MZX5BNIA3McPacm-AElRCwRmWxm8w
.fr.gd/	1970-01-20 22:44:59	Name: __eoi Value: ID=625059c82e25d28a:T=1707947129:RT=1707947129:S=AA-AfjbMpLPfn6bsQUCqs4a8b0hg
.doubleclick.net/	1970-01-21 04:01:47	Name: IDE Value: AHWqTUl7WTk8yn5Ip5uC8a-SLKcpbX_1fJzWaHYnDV-9d44PPvm-JgeMiW7MizVRZAg
.doubleclick.net/	1970-01-20 22:44:59	Name: APC Value: AfxxVi56KTdHXR0YPYkhp2vIl23E5_jgSQtYgVkE3E57wGTaOVGUZg
.doubleclick.net/	1970-01-20 22:44:59	Name: receive-cookie-deprecation Value: 1
.agkn.com/	1970-01-21 03:11:23	Name: ab Value: 0001%3AOtv6krS67h0hX4OuxAz%2BHZgilS7mDrTS
.agkn.com/	1970-01-21 03:11:23	Name: u Value: C\|0EAAtX_D9LV_w_QAAAAAAAQAHAAAAAAHcA2z__x4AAAAAAFwJXgAAAAAW7FfqAAAAAAxeO4kAAAAAIk8SFQA
.casalemedia.com/	1970-01-21 03:11:23	Name: CMID Value: Zc00fdHM420AAEm3AC5t3QAA
.casalemedia.com/	1970-01-20 20:35:23	Name: CMPS Value: 937
.casalemedia.com/	1970-01-20 20:35:23	Name: CMPRO Value: 937

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gif-transparent.fr.gd/(Line 758) Message: Mixed Content: The page at 'https://gif-transparent.fr.gd/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.google.ca/'. This endpoint should be made available over a secure connection.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=1176748307&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129249&bpp=1&bdt=998&idt=303&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=308 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=626710196&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129248&bpp=1&bdt=996&idt=271&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=275 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=836460798&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129250&bpp=1&bdt=999&idt=331&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=334 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=772879325&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129246&bpp=2&bdt=995&idt=259&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1207082999616&frm=20&pv=2&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=495634489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=265 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3925305064&adk=2223476286&adf=482049734&pi=t.ma~as.3925305064&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129249&bpp=1&bdt=998&idt=289&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=295 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133137560438771&output=html&h=150&slotname=3785704264&adk=3212669525&adf=396006072&pi=t.ma~as.3785704264&w=180&lmt=1707947129&format=180x150&url=https%3A%2F%2Fgif-transparent.fr.gd%2F&host=ca-host-pub-1483906849246906&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707947129250&bpp=1&bdt=999&idt=317&shv=r20240213&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C180x150%2C180x150%2C180x150%2C180x150&nras=1&correlator=1207082999616&frm=20&pv=1&ga_vid=728424841.1707947129&ga_sid=1707947129&ga_hid=643883303&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1126&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42531706%2C42532524%2C95324581%2C95325069%2C31081169%2C95324155%2C95324160&oid=2&pvsid=58783134581112&tmod=9539817&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=321 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gif-transparent.fr.gd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
asrv205.com
bid.g.doubleclick.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fwd.fwdtrk.com
fwdtrk.com
gcdn.2mdn.net
gif-transparent.fr.gd
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
img.webme.com
pagead2.googlesyndication.com
r2---sn-q4flrnez.c.2mdn.net
redokan.com
ssl.google-analytics.com
ssl.microsofttranslator.com
t.adcell.com
theme.webme.com
tpc.googlesyndication.com
visifeed.org
www.gstatic.com
www.mr-shop.de
fwd.fwdtrk.com
redokan.com
104.18.36.155
142.250.65.194
142.250.80.34
142.251.163.154
142.251.40.194
176.9.183.55
178.162.223.113
178.162.223.114
193.238.27.28
20.119.175.244
2404:6800:4003:c02::78
2600:9000:2511:6c00:19:fc2c:a140:93a1
2606:4700:3037::ac43:cc74
2607:f8b0:4000:45::7
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::2008
2a02:cb40:200::242
2a03:2880:f012:10c:face:b00c:0:3
3.75.56.58
87.118.71.104
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
081c32749ffb6ccd167010a554c7a19e3bf52764b0bee01a4718a1182fb6626d
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
10781190da858732c0576b589e2f3aa9fc8d63d75b2e4c0b957f3bf28e89e960
11f8ede7eb95a541830f565fe8a2047889ed5b0d9194e4339a1bd047212f5a31
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2f43c2ef72129ed9c9d2558868a4e55df300fad1e7a474fba8a18dfffa8bdf6e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e677d0a57c3664d17b4ac8a29a9875cd8bcbb437f8bd96c20c57a745aa3ea4
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
32f2cc572165762af8fdc9181806ae914af89b46370741f7b186548566c7a435
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
332625ab6ceb803fd324ce17122d159c3ae73ad98aa1c1acf2a7bc16c201ad52
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
461883ddb966b115df5d132b4d91bbf74e88a676b29a3e56c12a78c62da8020c
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4bd55b4910bf237f27b7339ef40e6bb8a874172331f8485bfb255006e512ee96
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d2ef7ab2061b31b72985be0c608a497c309000f742a40f2ed8e951d5d496155
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53a07140ade0e37536541147b1af0ac2aaa0e4d5bc0031ff4befffababf0277c
59034a63f5d470f3957a906792ffff47473dc0835ad2ae0cdc2e2b8efa2023a5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60245caf8ee6fbf73f721bf5dd26ee546f70a5234c4f2b751e77af57a71fed8a
62b1cf64640b6034edf08634cbcd0356558e1b662c36e8d8dbebde727f736b1c
66864bc3eeb0dd6798093a6248c1726d1db63dfbb7f1868e6583f8588f92eda8
67d775f6f2233b3c83bc2c077c5ed3bf52a27b0699d4abb8f48bbee09768f83d
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
6e8d74382a77f017db6806fb60329150d813180bcac817eb66c328b22d68fb5e
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
79f2d6861f02a4f7b63b8866ee7280c756cc358f1fd45233e121547b459868f9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854bb85e65ddf4a6ddc7cdf897d33bf02260cd5ef03724ad7cb4501b8507d197
8750ac234f66fa1800146173d63747d96c6b6f08d2ac89add6fd9d98d4aaeeef
8cad19a148118c7492f1d9b5dc440c14b153a6777f94603669260509a8884917
937a3305c7328dac67ee8b16594dc968c77128182a15a5a4b37314d74ca39086
9b4aa26d704a01ec257b8e4d82d657184b6793c5b86db23b9cd7d0fe4014d0cd
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a131464dbb7a8c140841dce792af537ea986cac65997197501e1c4188ad3f7e3
a38fea5c8f84941de0c42ce14b90de271a93e46295631ae8176c389899b70655
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
aca2eec6e1d7fc40a1e38889587a1ebc77cd8c4660cf88b45842dfd288a10f5c
accd9a9e5c3f64d794eed94c10c3d32dbdf7a17081224c27312e93f0c6230d2f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b7f58236bc03c9463fa9e2e60952c203beba7fd7062b79e1b5f8d9f326c4b6f2
bcdf78dae3209f365b757a2879ae87ff7c2e9626e274636cffcdc262ed3bf621
c70b2846e6175cdf551fa544eb2164341d3596c08c4b672320d94ec89c3d3f4a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ec0830aa04065436640a8be0338389970dddd42004b868ea911b4b58a79ff
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d5ea1cf0841ba567f52ff9d7b4ed9cadcc4beb40cbe0415ff021b8f3574e7c97
daf3c668f974a9d8b1145c5a5ab9b7add34979e366cece3493ea6a9e26b63608
dc3aa103bdfc1e30da65a1e2a161d64cd6bad19624321fa99a31ab5972face9d
dca13ee2fe4dd6cba99bb247b69ac1ca10ca53ef6291c4cc10dd9afe71d30a1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e8af793ad5510b441d1103af7a7f136afcc7dad807ba2dd0e5c5620dfce8f4c1
eda1cffcf01e613c5bb2adf37efc6866c328e6cdb72a9b49d4bccdcd4affe350
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe6fc2f7916a8cc240199d8a43a6bfca51d165c35635ca00ee5235eef19d59b6

gif-transparent.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

95 %HTTPS

54 %IPv6

18 Domains

29 Subdomains

25 IPs

4 Countries

6627 kBTransfer

8369 kBSize

18 Cookies

9 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gif-transparent.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

95 %
HTTPS

54 %
IPv6

18
Domains

29
Subdomains

25
IPs

4
Countries

6627 kB
Transfer

8369 kB
Size

18
Cookies

100 HTTP transactions
1 data transactions