ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngembassy.org/
Effective URL:
https://ngembassy.info/
Submission: On August 19 via api (August 19th 2022, 5:09:23 am UTC) from FR — Scanned from FR

Summary HTTP 183 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 183 HTTP transactions. The main IP is 103.72.77.63, located in United States and belongs to A2HOSTING, US. The main domain is ngembassy.info.
TLS certificate: Issued by R3 on August 10th 2022. Valid for: 3 months.

This is the only time ngembassy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	103.72.77.63 103.72.77.63	55293 (A2HOSTING) (A2HOSTING)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5 43	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a0f:f4c1:2::22 2a0f:f4c1:2::22	36040 (YOUTUBE) (YOUTUBE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
15	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6 6	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6 6	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:d09f:4639:d8c6:6199	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
183	26

30 103.72.77.63 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: m.server48.com

ngembassy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ngembassy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0f:f4c1:2::22 (Ukraine)

ASN36040 (YOUTUBE, US)

r15---sn-quxapm-3c2s.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.253.211 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.18.126 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:d09f:4639:d8c6:6199 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com 5 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	4 MB
35	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com csi.gstatic.com fonts.gstatic.com	660 KB
32	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	220 KB
29	ngembassy.info ngembassy.info	3 MB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	6 KB
6	openx.net 6 redirects rtb.openx.net — Cisco Umbrella Rank: 1517	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	259 KB
4	gvt1.com 2 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1735 r15---sn-quxapm-3c2s.gvt1.com	4 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	4 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 327	1 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 634	248 B
3	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1072	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1981	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 592	571 B
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 34461	914 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 929	724 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1414	296 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	649 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3094	346 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	72 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 17485	161 KB
1	ngembassy.org 1 redirects ngembassy.org	278 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
183	24

	Domain	Requested by
43	tpc.googlesyndication.com	5 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
29	ngembassy.info	ngembassy.info
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ngembassy.info
17	pagead2.googlesyndication.com	ngembassy.info pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	cm.g.doubleclick.net	ngembassy.info googleads.g.doubleclick.net
10	www.gstatic.com	googleads.g.doubleclick.net
7	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
6	ssum-sec.casalemedia.com	6 redirects
6	rtb.openx.net	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	csi.gstatic.com	www.gstatic.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	r15---sn-quxapm-3c2s.gvt1.com	googleads.g.doubleclick.net
2	redirector.gvt1.com	2 redirects
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
1	odr.mookie1.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ngembassy.info
1	cdn.ckeditor.com	ngembassy.info
1	ngembassy.org	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
183	34

This site contains links to these domains. Also see Links.

Domain
ngspan.com

Subject Issuer	Validity	Valid
ngembassy.info R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://ngembassy.info/
Frame ID: B37FE400562751CADC7E96C23BCC51F0
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html
Frame ID: 1F561EE778CD9C90BB051167FAF5D120
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1660885758&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757900&bpp=8&bdt=633&idt=108&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1630474891985&frm=20&pv=2&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Frame ID: 582E0BC1C787D3ED39ED98AB698C9640
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885758&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757908&bpp=3&bdt=640&idt=137&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dv9b7clPKx&p=https%3A//ngembassy.info&dtd=140
Frame ID: 940A6329BA1BF0B73E73474FCEBE1836
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20
Frame ID: D399F098DA1B6EF1EA7BB2D462EDD364
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26
Frame ID: 0477007D4184EE92DD06E1DEA1201651
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1858&idt=1&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280%2C1140x280&nras=5&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9pNXvKWEEB&p=https%3A//ngembassy.info&dtd=31
Frame ID: 45BE5926F0581B4292F77F6765F50518
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 07CE03E2DF446F84466B73DCFEAD1EC9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5F51C1BD8305C7918D9D6E03A3211699
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Frame ID: E32C1040C1A0E9598CDA6E2334C796E6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 4C3C4F74046FB9EE63F795F96B1604A6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE7B1C1B942388BDCACC61746394681D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: B432996416495F8F0227BB51499FAC68
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: BE021F7F2F74634BB2EEE997FD309ECC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 36C764EA85753A6735CC350771721A50
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88F16C039AE87342840647A7FF28BA31
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EA92C81A4D880404B303F36BE2FA0E3E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7F7FCA572A2D85D433029B4A8C77CD9B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 8126BF8E24CCC4E3CA206A8E426BC820
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: B57F73DBC25400A22249291365B79896
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 551DEE5AC3B11D0D5DF7AD17B24443E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDC5F0B4728D16BFD3F36E5535F17E6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 850481D99F2FB4F4A4ECEFCAC5C4BB21
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ngEmbassy : Integrated Information Portal

Page URL History Show full URLs

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

183
Requests

89 %
HTTPS

63 %
IPv6

24
Domains

34
Subdomains

26
IPs

5
Countries

12627 kB
Transfer

16081 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ngspan.com/
Title: cookie script

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngembassy.org/ HTTP 301
https://ngembassy.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn4-iLJhCGBxiEBzIIE4raXef_y6Y HTTP 301
https://tpc.googlesyndication.com/simgad/9842161770512313806

Request Chain 123

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn4-iLJhCGBxiEBzIIE4raXef_y6Y HTTP 301
https://tpc.googlesyndication.com/simgad/9842161770512313806

Request Chain 128

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn4-iLJhCGBxiEBzIIE4raXef_y6Y HTTP 301
https://tpc.googlesyndication.com/simgad/9842161770512313806

Request Chain 133

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD4xt7xUxCwCRj0BDIIsnYymPgeJC4 HTTP 301
https://tpc.googlesyndication.com/simgad/5493985391062758797

Request Chain 138

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD4xt7xUxCwCRj0BDIIsnYymPgeJC4 HTTP 301
https://tpc.googlesyndication.com/simgad/5493985391062758797

Request Chain 141

https://redirector.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=197DA3DBB12EB3BD0FD467A6E92E76F37D609AB7.B7D0E0A597FC46CE20FE0DCDC2AC87C1D42C50BF&key=ck2 HTTP 302
https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7DE97E907CE0443D8E002F84311BC2F93046C57B.62AFB584F18E67B78403C3BAFDCFA83C7DB43396&key=cms1&cms_redirect=yes&mh=pB&mip=2001:41d0:d:364d::2&mm=28&mn=sn-quxapm-3c2s&ms=nvh&mt=1660884780&mv=u&mvi=15&pl=48

Request Chain 145

https://redirector.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=9B56C32B4749323AD0E98B19152DBF35E0476887.437024532FD9C79E7BFC20F09218F17924FC3854&key=ck2 HTTP 302
https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,requiressl,source&signature=4B7BC7716E1A7FCADF16A35846B100733DDEC3E7.40D2ECC8FD0D443993FD5130E70A60AD07212088&key=cms1&cms_redirect=yes&mh=pB&mip=2001:41d0:d:364d::2&mm=28&mn=sn-quxapm-3c2s&ms=nvh&mt=1660884780&mv=u&mvi=15&pcm2cms=yes&pl=48

Request Chain 151

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AISGklzQ7-VyEKEWa3Qn4efPG2ChWHJ9cVHRjjbuJwctEkdhK4AByK12Dj5oLWZ3zKyk3dsMhzexjO5A8Un0gvMYG_Rms&google_gid=CAESEK2BPwuMqrHqifsxKBpITg0&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIC2_JcGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BZWhsSzRBSVNHa2x6UTctVnlFS0VXYTNRbjRlZlBHMkNoV0hKOWNWSFJqamJ1SndjdEVrZGhLNEFCeUsxMkRqNW9MV1ozekt5azNkc01oemV4ak81QThVbjBndk1ZR19SbXM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNXY4MFc3c0ZpU3JqbWdVWldiTW52SHZDS2MwWlBfOURVM3VEQkpXdVh6UQ==&google_push

Request Chain 152

https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV&google_hm=cabRaokux4MJqkDygXQytQ==

Request Chain 154

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJxi6KWyiF448C2_Afu4vU&google_cver=1&google_push=AehlK4COS_QzrXbCvmMpwktD7m944n4eQLLVAns7sSE7dciSozdaWpI3wDf0wpDb35xd16XbDFdTOFto21SdJpd84OOsSJ--LTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWE8tUi0xNkMx&google_push=AehlK4COS_QzrXbCvmMpwktD7m944n4eQLLVAns7sSE7dciSozdaWpI3wDf0wpDb35xd16XbDFdTOFto21SdJpd84OOsSJ--LTQ

Request Chain 155

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_cver=1&google_push=AehlK4AzRDzUagwQwIhoZymi6cLBvrwwvhtiF7sDzOizIzcfF9hq7dQb-AJmp3-qWCgryMWq22sBVXgzrafVycowCqKC9vDkjx-A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_push=AehlK4AzRDzUagwQwIhoZymi6cLBvrwwvhtiF7sDzOizIzcfF9hq7dQb-AJmp3-qWCgryMWq22sBVXgzrafVycowCqKC9vDkjx-A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4AzRDzUagwQwIhoZymi6cLBvrwwvhtiF7sDzOizIzcfF9hq7dQb-AJmp3-qWCgryMWq22sBVXgzrafVycowCqKC9vDkjx-A

Request Chain 159

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DtJLoXWlV5Oqt38zZ8XbcdnhjpeUDItwIs6lksBKc-nrsVrZaZFgMOxsW6sSIAOu3SZwXkfsSQCKzygLlTqrFyxg8RMew&google_gid=CAESECauZ_mTYarsv8Peg2uS3jk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DtJLoXWlV5Oqt38zZ8XbcdnhjpeUDItwIs6lksBKc-nrsVrZaZFgMOxsW6sSIAOu3SZwXkfsSQCKzygLlTqrFyxg8RMew&google_gid=CAESECauZ_mTYarsv8Peg2uS3jk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTkwNTA5MjEwMDA2NDk4OTA4MzYwNg%3D%3D&google_push=AehlK4DtJLoXWlV5Oqt38zZ8XbcdnhjpeUDItwIs6lksBKc-nrsVrZaZFgMOxsW6sSIAOu3SZwXkfsSQCKzygLlTqrFyxg8RMew

Request Chain 160

https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk&google_hm=skQfuDX6wVEcYr9MM025KQ==

Request Chain 162

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJxi6KWyiF448C2_Afu4vU&google_cver=1&google_push=AehlK4BxMOJ6d5SvHj-DXAcu0AaeaErYES7pjlbqfi7MpqFBdyrZhsvfORXXq8q3KF5jTW12mb1MrJ6HFpOFzM72aGrbmSUJehk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWlYtMjAtSDRFRg==&google_push=AehlK4BxMOJ6d5SvHj-DXAcu0AaeaErYES7pjlbqfi7MpqFBdyrZhsvfORXXq8q3KF5jTW12mb1MrJ6HFpOFzM72aGrbmSUJehk

Request Chain 163

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_cver=1&google_push=AehlK4BshQ-hmmaoDY5YCwjqlzqxEjDCiKfUilqu40F2o3_Z1aWzSM_mmhtSjDiOqcjnJOvmnEaKCSYXvKP0mnjSlFEA17vaV7lU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_push=AehlK4BshQ-hmmaoDY5YCwjqlzqxEjDCiKfUilqu40F2o3_Z1aWzSM_mmhtSjDiOqcjnJOvmnEaKCSYXvKP0mnjSlFEA17vaV7lU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4BshQ-hmmaoDY5YCwjqlzqxEjDCiKfUilqu40F2o3_Z1aWzSM_mmhtSjDiOqcjnJOvmnEaKCSYXvKP0mnjSlFEA17vaV7lU

Request Chain 167

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJxA5Y7-RWu2bBTtTE9o2cU&google_push=AehlK4CrZgZer73aKsFXdP-K-zNxD9H1_BR1Y5KsUU2ghohx564aTIrgF7Fr-ZIPpvbqtjYn0IW3M77kwGk_8-rbfOcFMmD7BSA5&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4CrZgZer73aKsFXdP-K-zNxD9H1_BR1Y5KsUU2ghohx564aTIrgF7Fr-ZIPpvbqtjYn0IW3M77kwGk_8-rbfOcFMmD7BSA5&google_hm=MTA4MTI1Nzk3NTc0MDE5MTA3NTI

Request Chain 168

https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx&google_hm=skQfuDX6wVEcYr9MM025KQ==

Request Chain 170

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJxi6KWyiF448C2_Afu4vU&google_cver=1&google_push=AehlK4CQe8kxL3vTKTokhEmq-iBtm6ivwMKfOvlE9j9GhofQ2LMSEV5rwEs4VV3LexlXHrikzGWX4atXpn5DtBhElHiOLsCXOlRV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhaMFAtMjItOVNFNg==&google_push=AehlK4CQe8kxL3vTKTokhEmq-iBtm6ivwMKfOvlE9j9GhofQ2LMSEV5rwEs4VV3LexlXHrikzGWX4atXpn5DtBhElHiOLsCXOlRV

Request Chain 171

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_cver=1&google_push=AehlK4CBPyGKFZNMYVMR5tr5l5f7TYVmEG4sS7EHliRcV5mms7ecy-YHwYG_MJ7vha0r-BASBQ2AdOdA_sH4aeNzxJSv75s3Fx7l HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_push=AehlK4CBPyGKFZNMYVMR5tr5l5f7TYVmEG4sS7EHliRcV5mms7ecy-YHwYG_MJ7vha0r-BASBQ2AdOdA_sH4aeNzxJSv75s3Fx7l&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4CBPyGKFZNMYVMR5tr5l5f7TYVmEG4sS7EHliRcV5mms7ecy-YHwYG_MJ7vha0r-BASBQ2AdOdA_sH4aeNzxJSv75s3Fx7l

183 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ngembassy.info/
Redirect Chain

http://ngembassy.org/
https://ngembassy.info/

40 KB
8 KB

1241ms
292ms

Document
text/html

103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6c5ce0cfebd421729d45cf57e3c7d77e6f6fa4b725c6b63d43e605fed8c70f10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8171
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 05:09:16 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 19 Aug 2022 05:09:15 GMT
Keep-Alive: timeout=5, max=100
Location: https://ngembassy.info/
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK bootstrap.min.css
ngembassy.info/themes/default/assets/bootstrap/css/ 115 KB
19 KB 114ms
112ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 03:38:06 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1caa7-5c4d9d18a4380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19287

GET
H/1.1 200
OK font-awesome.css
ngembassy.info/themes/default/assets/font-awesome/css/ 32 KB
7 KB 113ms
110ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "7e3e-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6423

GET
H/1.1 200
OK select2.min.css
ngembassy.info/themes/default/assets/plugins/select2/ 15 KB
2 KB 225ms
109ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3a3d-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1920

GET
H/1.1 200
OK _all-skins.min.css
ngembassy.info/themes/default/assets/dist/css/skins/ 41 KB
4 KB 323ms
108ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/skins/_all-skins.min.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "a554-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3301

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.5.2/full/ 542 KB
161 KB 178ms
63ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.5.2/full/ckeditor.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 604800.000
x-cf1: 28810:dB.waw1:co:1651480618:cacheN.waw1-01:D
content-length: 164316
x-xss-protection: 1; mode=block
x-cf-tsc: 1660885757
x-cf2: M
x-frame-options: sameorigin
last-modified: Tue, 04 Aug 2015 13:14:26 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 86399
accept-ranges: bytes
x-cf-rand: 19.652
expires: Thu, 25 Aug 2022 05:09:18 GMT

GET
H/1.1 200
OK hover.css
ngembassy.info/themes/default/assets/dist/css/ 102 KB
7 KB 328ms
111ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/hover.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1971f-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7203

GET
H/1.1 200
OK custom.css
ngembassy.info/themes/default/assets/dist/css/ 40 KB
7 KB 329ms
109ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/css/custom.css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Oct 2021 22:47:08 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "9fa1-5cf99b938b300-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7222

GET
H/1.1 200
OK jQuery-2.1.4.min.js Show response
ngembassy.info/themes/default/assets/plugins/jQuery/ 82 KB
29 KB 340ms
115ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/jQuery/jQuery-2.1.4.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14979-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 29532

GET
H/1.1 200
OK jquery.inputmask.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 88 KB
16 KB 342ms
116ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "161ab-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15666

GET
H/1.1 200
OK jquery.inputmask.date.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 22 KB
3 KB 431ms
108ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.date.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "591e-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2827

GET
H/1.1 200
OK jquery.inputmask.extensions.js Show response
ngembassy.info/themes/default/assets/plugins/input-mask/ 5 KB
2 KB 440ms
109ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/input-mask/jquery.inputmask.extensions.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "14c3-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1197

GET
H/1.1 200
OK custom_css
ngembassy.info/ 24 KB
5 KB 449ms
226ms Stylesheet
text/css 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_css
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: 00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 4420
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 103ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1d92a9bddc7cecf1746e447378807f6ad3149621abf8888346670b71e7c287e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73163
x-xss-protection: 0
expires: Fri, 19 Aug 2022 05:09:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 107ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc7e9b824a3c92ea7e1b73f8faea620de63dab812e0f9a5f264c9de6d7b0703e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: cafe
etag: 5563837406185257386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 05:09:17 GMT

GET
H/1.1 200
OK title_logo_embassy.png
ngembassy.info/uploads/ 2 KB
2 KB 204ms
108ms Image
image/png 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/title_logo_embassy.png
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Last-Modified: Mon, 14 Dec 2020 00:42:02 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "800-5b661e9136a80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2048

GET
H/1.1 200
OK 2142969514_4733c4f3d9_b.jpg
ngembassy.info/uploads/slider/ 590 KB
591 KB 160ms
109ms Image
image/jpeg 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/slider/2142969514_4733c4f3d9_b.jpg
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 0a2808c1a355beaedaa433468d889c36e5eae408b3eea9cedc6e320cc0cf7f41

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Last-Modified: Sat, 30 Jun 2018 00:13:46 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "938e4-56fd0d67dc280"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 604388

GET
H/1.1 200
OK lagcir.jpg
ngembassy.info/uploads/slider/ 257 KB
257 KB 107ms
107ms Image
image/jpeg 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/slider/lagcir.jpg
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 90fc73ab6be3925a0afb7afd6c6a6e95b910160571396131dd00442aa6216574

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Last-Modified: Tue, 26 Jun 2018 10:42:00 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "403d2-56f8925dd0e00"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 263122

GET
H/1.1 200
OK childrencarnivalandmasquerade1031.jpg
ngembassy.info/uploads/slider/ 2 MB
2 MB 116ms
116ms Image
image/jpeg 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngembassy.info/uploads/slider/childrencarnivalandmasquerade1031.jpg
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: df65617879e1296cad52d12caf7394191d9c54f3c457a225acc3bc6b9241b744

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Last-Modified: Tue, 26 Jun 2018 10:45:06 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2425d2-56f8930f33080"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2368978

GET
H/1.1 200
OK bootstrap.min.js Show response
ngembassy.info/themes/default/assets/bootstrap/js/ 35 KB
10 KB 115ms
114ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "8c6f-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9539

GET
H/1.1 200
OK select2.full.min.js Show response
ngembassy.info/themes/default/assets/plugins/select2/ 70 KB
20 KB 115ms
115ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/select2/select2.full.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11604-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20119

GET
H/1.1 200
OK moment.min.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 34 KB
12 KB 112ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/moment.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "87b1-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11869

GET
H/1.1 200
OK daterangepicker.js Show response
ngembassy.info/themes/default/assets/plugins/daterangepicker/ 52 KB
10 KB 113ms
111ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/daterangepicker/daterangepicker.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "d1af-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9373

GET
H/1.1 200
OK bootstrap-timepicker.min.js Show response
ngembassy.info/themes/default/assets/plugins/timepicker/ 15 KB
4 KB 110ms
108ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/timepicker/bootstrap-timepicker.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "3c5d-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3494

GET
H/1.1 200
OK icheck.min.js Show response
ngembassy.info/themes/default/assets/plugins/iCheck/ 4 KB
2 KB 111ms
108ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/iCheck/icheck.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "11a4-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2161

GET
H/1.1 200
OK jquery.slimscroll.min.js Show response
ngembassy.info/themes/default/assets/plugins/slimScroll/ 6 KB
2 KB 110ms
110ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/slimScroll/jquery.slimscroll.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:58 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1856-56f6c65c34380-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2062

GET
H/1.1 200
OK fastclick.min.js Show response
ngembassy.info/themes/default/assets/plugins/fastclick/ 9 KB
3 KB 114ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/plugins/fastclick/fastclick.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2248-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2831

GET
H/1.1 200
OK app.min.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 109ms
108ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/app.min.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "2402-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2863

GET
H/1.1 200
OK imagelightbox.js Show response
ngembassy.info/themes/default/assets/dist/js/ 9 KB
3 KB 113ms
112ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/dist/js/imagelightbox.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "25d4-56f6c65a4bf00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2488

GET
H/1.1 200
OK custom_js Show response
ngembassy.info/ 16 KB
16 KB 205ms
205ms Script
text/style 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/custom_js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash: b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 05:09:17 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.6.37
Vary: User-Agent
Content-Type: text/style;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cookieinfo.js Show response
ngembassy.info/scripts/ 7 KB
3 KB 114ms
113ms Script
application/javascript 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/scripts/cookieinfo.js
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 22:02:28 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "1dc9-5d0daf6f12500-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2984

GET
H/1.1 200
OK fontawesome-webfont.woff2
ngembassy.info/themes/default/assets/font-awesome/fonts/ 63 KB
63 KB 217ms
108ms Font
font/woff2 103.72.77.63
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ngembassy.info/themes/default/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: ngembassy.info
URL: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.72.77.63 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: m.server48.com
Software: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://ngembassy.info/themes/default/assets/font-awesome/css/font-awesome.css
Origin: https://ngembassy.info
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 05:09:17 GMT
Last-Modified: Mon, 25 Jun 2018 00:23:56 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips
ETag: "fbd0-56f6c65a4bf00"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 64464

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ 341 KB
120 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

212d8937585611593fc231549fe3af49aeb35f462e19f10f0badc0503000341b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122626
x-xss-protection: 0
server: cafe
etag: 4411148412650040072
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 05:09:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame 1F56 10 KB
5 KB 85ms
25ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 26074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 21:54:43 GMT
etag: 8616628553774171045
expires: Thu, 01 Sep 2022 21:54:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 69ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6HX21LM9FM&gtm=2oe8h0&_p=421292700&cid=2032086597.1660885758&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660885757&sct=1&seg=0&dl=https%3A%2F%2Fngembassy.info%2F&dt=ngEmbassy%20%3A%20Integrated%20Information%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6HX21LM9FM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ngembassy.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
649 B 96ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ngembassy.info&callback=_gfp_s_&client=ca-pub-2910357982650786

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2910357982650786&plah=ngembassy.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

422234b812e8ed7336dcdd536a3974c9f2b67bfc6bb136a4f7d084c954b0b1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 114ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 05:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 104ms
42ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 05:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 582E 281 KB
67 KB 845ms
785ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&adk=1812271804&adf=3025194257&lmt=1660885758&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fngembassy.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757900&bpp=8&bdt=633&idt=108&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1630474891985&frm=20&pv=2&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b5916180d4e3a3b604e92b166bba20e42b8e8bc0b56fc3a7123252956707019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:18 GMT
expires: Fri, 19 Aug 2022 05:09:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 940A 98 KB
31 KB 567ms
526ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885758&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757908&bpp=3&bdt=640&idt=137&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dv9b7clPKx&p=https%3A//ngembassy.info&dtd=140

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dfee7238cc55671142bb2f4711ab060f5705fd5556cb0e29cc536d14ba0e98

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CITugM2R0vkCFcJmFQgd6mcNzw&gqi=_hr_YvfjBsKh-gbXgqz4Bw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31653
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CITugM2R0vkCFcJmFQgd6mcNzw&gqi=_hr_YvfjBsKh-gbXgqz4Bw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:18 GMT
expires: Fri, 19 Aug 2022 05:09:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 940A 84 KB
30 KB 125ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885758&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757908&bpp=3&bdt=640&idt=137&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dv9b7clPKx&p=https%3A//ngembassy.info&dtd=140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 16:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Aug 2022 16:37:59 GMT

GET
H3 200 8942885100812940211
tpc.googlesyndication.com/gpa_images/simgad/ Frame 940A 19 KB
20 KB 261ms
47ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/8942885100812940211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d33580e47196330c3ea4e63a058e4dbe1b7498c105d62e2e1fe32f0ad2fdfca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:17:24 GMT
x-content-type-options: nosniff
age: 255115
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19954
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 06:10:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Aug 2023 06:17:24 GMT

GET
H3 200 2039734753586292525
tpc.googlesyndication.com/gpa_images/simgad/ Frame 940A 13 KB
13 KB 264ms
51ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2039734753586292525

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcfa1148508ddc6d52c109f593268eebafcb0db4394fddd92d7cdb7a13f92b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 16:17:12 GMT
x-content-type-options: nosniff
age: 219127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13051
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 16:09:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Aug 2023 16:17:12 GMT

GET
H3 200 1826491263140010121
tpc.googlesyndication.com/gpa_images/simgad/ Frame 940A 19 KB
20 KB 259ms
46ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/1826491263140010121

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

389fdf942091b06f5edcd32d134ffc3b991fe10f71133c66181f1a27400db67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:17:18 GMT
x-content-type-options: nosniff
age: 255121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19967
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 06:10:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Aug 2023 06:17:18 GMT

GET
H3 200 2371744866726809021
tpc.googlesyndication.com/gpa_images/simgad/ Frame 940A 17 KB
17 KB 259ms
46ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2371744866726809021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2745cc4e10715345f5d1e8261dd1aee424e7d1f06b1100b8d4d555954f129c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:17:59 GMT
x-content-type-options: nosniff
age: 255080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16959
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 06:11:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Aug 2023 06:17:59 GMT

GET
H3 200 12510506805586233611
tpc.googlesyndication.com/simgad/ Frame 940A 12 KB
12 KB 296ms
83ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12510506805586233611

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab25051f14c22e9ac50fa34afd3d1ba5274e45cd6ccdd151a70e8ec696e5d22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:50:31 GMT
x-content-type-options: nosniff
age: 177528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12153
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 12:14:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 03:50:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 940A 0
0 95ms
93ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRlTf_hr_YoT3B8LN1fAP6s-1-Az6l7vOaf7045fAEKTn8u2VAhABIMr-1ocBYPsBoAHa1LrAAsgBCakC01mvY3HssD6oAwHIA8sEqgTLAU_Qo84FB4k9cTWOFskBsI1uVcCWDV1KnQsVTEAOCTAxixOMbfmNlDkgZvmOuOXKauZQ2UHkwhwfPtvQ6l61lLPhU2ZQZlFCGAtX5WKfoH_vERAoJ31wY0oXnpsBwq-sgr7bOW0klzTbm5SmDqh06lxJMTxoL00SPUQAxzIS30kiQw9CM8jMc7quIxa2Y9rmlB3kROXxnwE3L9m_uxCmu6s88sTIeymaqShBZKP0h6JlbGXBgNLpAL6KFC8PnaD6Nud05ASEYYWqI2lHwATPzM7J-AOIBf3U6vYxkgUECAQYAZIFBAgFGASgBi6AB46rxb8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKiSEtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2gsICBEQ67ru7DjYEwv6FH0KBQiSBDAhEOu67uw4Gk4IARJKCjVodHRwczovL2hvb2tzLnphcGllci5jb20vaG9va3MvY2F0Y2gvMjU3MzQ4Ni9iYnMwZ3c4LxoPMjU3MzQ4Ni9iYnMwZ3c4IAEiAggFIgIIBiICCA4iAggLIgIIDDDoh-v2MTjYvZiBGNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=rzWrO96Ojok&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885758&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757908&bpp=3&bdt=640&idt=137&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dv9b7clPKx&p=https%3A//ngembassy.info&dtd=140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 05:09:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Aug 2022 05:09:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 940A 23 KB
9 KB 272ms
68ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:55:35 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ 150 KB
53 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f482a1252b74dc5d09313d5e1e841c355c39f20b3b157bed7b76d0541ddb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54631
x-xss-protection: 0
server: cafe
etag: 14928438169034684507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 05:09:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 89ms
35ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 90ms
36ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ngembassy.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D399 105 KB
35 KB 387ms
387ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6bb8d82bec4fcea48ec3bfaee200a5194457d8effcef8f68635a848b9947a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35696
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0477 105 KB
35 KB 399ms
399ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5de8f60349ef135d214c6503a4cd897a91909a988988554618f93775dad00208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35668
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45BE 120 KB
36 KB 387ms
386ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1858&idt=1&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280%2C1140x280&nras=5&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9pNXvKWEEB&p=https%3A//ngembassy.info&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64a572e64ef64f78d6c1b06502bdffae7db2a50caf017d038820b2afc77556f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36849
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 07CE 143 B
163 B 26ms
26ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=1213588912&adf=2213160196&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885758&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885757908&bpp=3&bdt=640&idt=137&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dv9b7clPKx&p=https%3A//ngembassy.info&dtd=140
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 04:11:16 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 940A 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:29:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 940A 140 KB
44 KB 349ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:19 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/ Frame 5F51 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 38148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 18:33:31 GMT
etag: 8616628553774171045
expires: Thu, 01 Sep 2022 18:33:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/ Frame E32C 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 38148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 18:33:31 GMT
etag: 8616628553774171045
expires: Thu, 01 Sep 2022 18:33:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5F51 4 KB
1 KB 95ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 05:02:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 05:09:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 05:09:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F51 205 B
742 B 86ms
26ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:11:20 GMT
x-content-type-options: nosniff
age: 7079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Aug 2023 03:11:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F51 604 B
694 B 88ms
27ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:04:24 GMT
x-content-type-options: nosniff
age: 7495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Aug 2023 03:04:24 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 5F51 19 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 05:07:04 GMT

GET
H3 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E32C 84 KB
29 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 16:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Aug 2022 16:37:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 07CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

80ms
79ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
expires: Fri, 19 Aug 2022 05:09:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 940A 17 KB
7 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:23:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E32C 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWe7X_hr_YpTAB9fsgAfZnqGwCPqXu85pvqTkl8AQt87Hqo8OEAEgyv7WhwFg-wGgAdrUusACyAEJqQLvC-0wUe2wPqgDAcgDywSqBMsBT9ASqzDz0CtjUGRCvMP3bY8hoGnnn1hmd7mOajpLDQZGbIGXJWETdtBcSqVHFrqsnK9UyDXocFNFcQ5OuGLEJTvHuZGFOvjve_Luafw2bb39jQS3o-Up0pUWF37RaxzK_FpaIQqh9vmHoONf9EWAsH9Epq-w0MnkODc3mMTCunqp9J_fdxWe8Axfb2WsiAWQhgLFY5rIrE0EbyM8CL7m6jRylJhRB-Lx8jUoWtY4sSxaL2V_TJpNoIhegOqZTtJoZgNBL8Al5Qnt4s3ABPeo-ePKA4gF_dTq9jGSBQQIBBgBkgUECAUYBKAGLoAHjqvFvwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ5OUF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHaCwgIERDruu7sONgTC_oUfQoFCJIEMCEQ67ru7DgaTggBEkoKNWh0dHBzOi8vaG9va3MuemFwaWVyLmNvbS9ob29rcy9jYXRjaC8yNTczNDg2L2JiczBndzgvGg8yNTczNDg2L2JiczBndzggASICCAUiAggGIgIIDiICCAsiAggMMOiH6_YxOP_wiIAY0BUBmBYBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=OzqBgLw1m78&uach_m=[UACH]&template_id=494

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 05:09:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame E32C 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:55:35 GMT

GET
DATA 200
OK truncated
/ Frame 940A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45fa6b9007ea2bfa985bb3529c4031e1f673c8d0a447d3c34d4d7e3fa7f94bef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4C3C 2 KB
904 B 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:39:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 4C3C 23 KB
9 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:55:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4C3C 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:29:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C3C 140 KB
43 KB 111ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 4C3C 17 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:23:17 GMT

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 4C3C 33 KB
13 KB 81ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE7B 143 B
163 B 27ms
26ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 04:11:16 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E32C 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:29:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E32C 140 KB
43 KB 83ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:19 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE7B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
expires: Fri, 19 Aug 2022 05:09:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame B432 36 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E32C 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:23:17 GMT

GET
H3 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame D399 10 KB
4 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H3 200 61e8ce92b0d799c62b7491ac485b1437.js Show response
www.gstatic.com/mysidia/ Frame D399 150 KB
56 KB 70ms
65ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eae73d23698659f17bbaf4773a3a337dcffe040e2579d93eb25c292cefa29f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57122
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 04:52:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D399 6 KB
916 B 168ms
42ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb5b671ae37248c1f6efc99b1b671eae1026344cf7ba799fd7e07764f1ab2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 04:56:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 05:09:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 05:09:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D399 2 KB
909 B 51ms
32ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:39:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame D399 23 KB
9 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:55:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D399 3 KB
1 KB 65ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:29:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D399 140 KB
43 KB 81ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D399 17 KB
7 KB 85ms
82ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:23:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D399 0
0 80ms
64ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVHr88JNnT9liskPAka4BZPvykhw7rIMUKPaRcPdjTC-YrEJA1L8DZFkojBbxA18zEpKGYM2-cX495UyOTK5-Ikm-6Og
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame D399 33 KB
13 KB 76ms
60ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 45BE 10 KB
994 B 165ms
43ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1858&idt=1&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280%2C1140x280&nras=5&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9pNXvKWEEB&p=https%3A//ngembassy.info&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1855651d24584c20fb9bcc4980e360833af4eac312e3a39ec53aa82acd088b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 04:58:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 05:09:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 05:09:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 45BE 2 KB
904 B 141ms
139ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:39:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 45BE 23 KB
9 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:55:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 45BE 3 KB
1 KB 120ms
113ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:29:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45BE 140 KB
43 KB 116ms
114ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 45BE 17 KB
7 KB 90ms
88ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:23:17 GMT

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 45BE 33 KB
13 KB 124ms
117ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H3 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame 0477 10 KB
4 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H3 200 61e8ce92b0d799c62b7491ac485b1437.js Show response
www.gstatic.com/mysidia/ Frame 0477 150 KB
56 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eae73d23698659f17bbaf4773a3a337dcffe040e2579d93eb25c292cefa29f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57122
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 04:52:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0477 6 KB
916 B 160ms
41ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb5b671ae37248c1f6efc99b1b671eae1026344cf7ba799fd7e07764f1ab2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 03:09:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 05:09:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 05:09:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 0477 2 KB
909 B 52ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:39:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 0477 23 KB
9 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:55:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 0477 3 KB
1 KB 53ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:29:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0477 140 KB
43 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 0477 17 KB
7 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 04:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:23:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0477 0
0 72ms
56ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9c_8AaEYhdtjDngQaWKIW7XN9ugfjZEW5YkWe9zva3rHHnI4SL6jtSvT_O54PIsZQ8pfZtMtYdJBJMbYepBN6XGvfXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 0477 33 KB
13 KB 69ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame BE02 36 KB
14 KB 92ms
81ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
DATA 200
OK truncated
/ Frame 45BE 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7d1cde7dd6457ab3780699765fe535407e971c7037713d38374036f80a44db9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 45BE 14 KB
14 KB 205ms
35ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQSoCkUw1xOiVscyyIPr9lPuBVy8WSicilCcUs7g6607yqMl88&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfa091b4f9b985cded34666a894522b3da011bfae2611938ebe6d8465ba9785e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:40:29 GMT
x-content-type-options: nosniff
age: 5331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14141
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 11:10:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:40:29 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 45BE 18 KB
18 KB 205ms
36ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTa-U4AEEK9p8SPVtR9L1NeqBndOMecTqlCvuu9IWbH1TQQdILAK0FxywbOg50&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d5539ac64ab1c604c4ac3970620da29fcf5d3192467e99fc7516f5a68ffbd04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:13:38 GMT
x-content-type-options: nosniff
age: 50142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18610
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 11:05:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 18 Aug 2023 15:13:38 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 45BE 29 KB
30 KB 207ms
38ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQae6Ys8_GoFyk4i0TbB01h8xXVLLTf1a8clyspECLNceK3M7d8PUfxr9AgCg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873836cdfc70763cefacc94f8c4983e774caa87fea7bfaa435e9c3751982bc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30120
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:10:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 45BE 25 KB
26 KB 199ms
31ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT4fpi-0Svvezsj0dWxh5jAvVggYxPQDDuY_O85HLhr9jclvxgxevwU9JpfKHQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003f52438fce300a4103266bfa589d41752c101f8d7bd66e9300b8a02cfd7310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 20:15:58 GMT
x-content-type-options: nosniff
age: 550402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25885
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 20:11:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 12 Aug 2023 20:15:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 45BE 26 KB
27 KB 205ms
37ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRnN8XTm0EXXjGmThbStywfwpJEtwShGV3G7Piwm44WuB3d2GcG_CiF2BqbUX0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a5c7061da0d191e720afa4ace08a3c416423d47752053c2b1b61f6bb5cb0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26707
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:10:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 45BE 20 KB
20 KB 237ms
69ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTy_uH7WTSynhUaMRixyDXV0-i23lGBLFMkGF1D8hVksOG0eiIh8FNHYCoTLMI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

514c3c0946248a126ce44cc828b7a2bd09e25831e1163cefb0aab96d2bd0df21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 09:42:39 GMT
x-content-type-options: nosniff
age: 156401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20707
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 11:06:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 17 Aug 2023 09:42:39 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 45BE 23 KB
23 KB 223ms
56ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRF-Cy_utAdXftj7WAqI7nRCdoDvNMNyk5pWC-elScY0bH-5Z6uQxQnzDY0xMo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7708b426ffe671df74f072b66251281cf876db19832d03b274157c98172ded3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23595
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 11:10:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H3

200

9842161770512313806
tpc.googlesyndication.com/simgad/ Frame 45BE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn4-iLJhCGBxiEBzIIE4raXef_y6Y
https://tpc.googlesyndication.com/simgad/9842161770512313806

22 KB
22 KB

69ms
37ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9842161770512313806

Requested by

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78634d616263d8ccf82a93fe69895d847aa226cbb4faf9e32d80223479ccc6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 05:13:11 GMT
x-content-type-options: nosniff
age: 604569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22555
x-xss-protection: 0
last-modified: Thu, 09 Jan 2020 08:34:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 05:13:11 GMT

Redirect headers

date: Thu, 18 Aug 2022 16:26:49 GMT
x-content-type-options: nosniff
server: cafe
age: 45751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/9842161770512313806
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Sep 2022 16:26:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 45BE 0
0 156ms
94ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWYqG_xr_YurBIYaH1fAPvKiLyAfE3-D_atDIubqLEIz2xKjiLRABIMr-1ocBYPv5_IKICqAB37XCzAPIAQmoAwHIA8sEqgTYAU_QjnLYBXG3oXC8ynqs_afIvnQA4VVUyQ2utV3eGjwBjVPRhnHRWAvRKybk8I0G3zthpnCd1MDSQ9fqA8hVIOwaL_qYpog-FE7l0gDf2LadlzX1AOyC2Kw0vpKCGpMut9FtPKEZA--nKp_bcAWC6W3PGG6uud0LGFJOoo-9Ew63RlewC83nsUx1mpXl4VIB6itESKsxItYLJsG-gKb8mMFlf8e6MiT9g0ITn0wED57Lx8GY4ZeDh50i6oc91HDrmpjKsYpuDCblKgiUIY3Ex9M-746h4lvqYcAE8cDD6EeSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHicq9M6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC5pwTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=RqA9cGGnckg&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1858&idt=1&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280%2C1140x280&nras=5&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9pNXvKWEEB&p=https%3A//ngembassy.info&dtd=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 05:09:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D399 29 KB
29 KB 71ms
58ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQae6Ys8_GoFyk4i0TbB01h8xXVLLTf1a8clyspECLNceK3M7d8PUfxr9AgCg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873836cdfc70763cefacc94f8c4983e774caa87fea7bfaa435e9c3751982bc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30120
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:10:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D399 25 KB
25 KB 91ms
78ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT4fpi-0Svvezsj0dWxh5jAvVggYxPQDDuY_O85HLhr9jclvxgxevwU9JpfKHQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003f52438fce300a4103266bfa589d41752c101f8d7bd66e9300b8a02cfd7310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 20:15:58 GMT
x-content-type-options: nosniff
age: 550402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25885
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 20:11:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 12 Aug 2023 20:15:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D399 26 KB
26 KB 69ms
57ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRnN8XTm0EXXjGmThbStywfwpJEtwShGV3G7Piwm44WuB3d2GcG_CiF2BqbUX0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a5c7061da0d191e720afa4ace08a3c416423d47752053c2b1b61f6bb5cb0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26707
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:10:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D399 20 KB
20 KB 101ms
90ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTy_uH7WTSynhUaMRixyDXV0-i23lGBLFMkGF1D8hVksOG0eiIh8FNHYCoTLMI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

514c3c0946248a126ce44cc828b7a2bd09e25831e1163cefb0aab96d2bd0df21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 09:42:39 GMT
x-content-type-options: nosniff
age: 156401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20707
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 11:06:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 17 Aug 2023 09:42:39 GMT

GET
H3

200

9842161770512313806
tpc.googlesyndication.com/simgad/ Frame D399
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn4-iLJhCGBxiEBzIIE4raXef_y6Y
https://tpc.googlesyndication.com/simgad/9842161770512313806

22 KB
22 KB

31ms
30ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9842161770512313806

Requested by

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78634d616263d8ccf82a93fe69895d847aa226cbb4faf9e32d80223479ccc6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 05:13:11 GMT
x-content-type-options: nosniff
age: 604569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22555
x-xss-protection: 0
last-modified: Thu, 09 Jan 2020 08:34:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 05:13:11 GMT

Redirect headers

date: Thu, 18 Aug 2022 16:26:49 GMT
x-content-type-options: nosniff
server: cafe
age: 45751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/9842161770512313806
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Sep 2022 16:26:49 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0477 29 KB
29 KB 78ms
26ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQae6Ys8_GoFyk4i0TbB01h8xXVLLTf1a8clyspECLNceK3M7d8PUfxr9AgCg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873836cdfc70763cefacc94f8c4983e774caa87fea7bfaa435e9c3751982bc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30120
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:10:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0477 25 KB
25 KB 89ms
37ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT4fpi-0Svvezsj0dWxh5jAvVggYxPQDDuY_O85HLhr9jclvxgxevwU9JpfKHQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003f52438fce300a4103266bfa589d41752c101f8d7bd66e9300b8a02cfd7310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 20:15:58 GMT
x-content-type-options: nosniff
age: 550402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25885
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 20:11:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 12 Aug 2023 20:15:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0477 26 KB
26 KB 63ms
16ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRnN8XTm0EXXjGmThbStywfwpJEtwShGV3G7Piwm44WuB3d2GcG_CiF2BqbUX0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a5c7061da0d191e720afa4ace08a3c416423d47752053c2b1b61f6bb5cb0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 03:33:17 GMT
x-content-type-options: nosniff
age: 5763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26707
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:10:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 03:33:17 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0477 20 KB
20 KB 117ms
26ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTy_uH7WTSynhUaMRixyDXV0-i23lGBLFMkGF1D8hVksOG0eiIh8FNHYCoTLMI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

514c3c0946248a126ce44cc828b7a2bd09e25831e1163cefb0aab96d2bd0df21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 09:42:39 GMT
x-content-type-options: nosniff
age: 156401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20707
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 11:06:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 17 Aug 2023 09:42:39 GMT

GET
H3

200

9842161770512313806
tpc.googlesyndication.com/simgad/ Frame 0477
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn4-iLJhCGBxiEBzIIE4raXef_y6Y
https://tpc.googlesyndication.com/simgad/9842161770512313806

22 KB
22 KB

31ms
30ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9842161770512313806

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78634d616263d8ccf82a93fe69895d847aa226cbb4faf9e32d80223479ccc6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 05:13:11 GMT
x-content-type-options: nosniff
age: 604569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22555
x-xss-protection: 0
last-modified: Thu, 09 Jan 2020 08:34:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 05:13:11 GMT

Redirect headers

date: Thu, 18 Aug 2022 16:26:49 GMT
x-content-type-options: nosniff
server: cafe
age: 45751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/9842161770512313806
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Sep 2022 16:26:49 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 36C7 36 KB
14 KB 69ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 88F1 1 KB
749 B 54ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 52367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 14:36:33 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 14:36:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 45BE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a46794c88c953b373ed25f978feb23191f4e778579cf1d151a28137a8b60167e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame D399 0
327 B 462ms
60ms Ping
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l700hygq&c=2814531191793&slotId=1407265595896.5&qqid=CIeb182R0vkCFahjFQgdelgP0A&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

5493985391062758797
tpc.googlesyndication.com/simgad/ Frame D399
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD4xt7xUxCwCRj0BDIIsnYymPgeJC4
https://tpc.googlesyndication.com/simgad/5493985391062758797

2 MB
2 MB

33ms
33ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5493985391062758797

Requested by

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1442c7bac31f0e3490d26c3d3b39e1bb4296275c503d8d9efd0cd8e13acd69f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 22:55:12 GMT
x-content-type-options: nosniff
age: 108848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649549
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:28:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 22:55:12 GMT

Redirect headers

date: Thu, 18 Aug 2022 11:19:40 GMT
x-content-type-options: nosniff
server: cafe
age: 64180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/5493985391062758797
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Sep 2022 11:19:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D399 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm6DF_xr_YsefIajH1fAP-rC9gA3E3-D_atDIubqLEIz2xKjiLRABIMr-1ocBYPsBoAHftcLMA8gBCagDAcgDywSqBNkBT9BnG-F_vGFSTm52iSfe16UysC3a8w1op2F0J5s3q2dXIJE01l8edAXagB1e0f2ny_YM7IMzNIUUDaddHmD0AQyZqsRBjd4C7hJWfnuPq9YVScVGtAXUQ9UrtUJi97MGyzjbWgUwCKDxIHhMZVQ9-Df6HV9b1jvCok3jnFLT-AMETWSJfBMvc2Z7uF_VcobWGfL44ytrJmZ_muaFaZateWHuP8eVmLEWQIWCJZbOTr9rZSZNV5MmW4TI6vCtF68rv5zYLVyVwSWbyrrhxqbgbdWOxdN-CLhMCMAE8cDD6EeSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHicq9M6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDCwRLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yOTEwMzU3OTgyNjUwNzg2GAA&sigh=Xl_6JOrVhYc&uach_m=[UACH]&template_id=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 05:09:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EA92 1 KB
749 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 52367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 14:36:33 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 14:36:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D399 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acb265081733525dfd93b009310cc76ef24bb0026cd5c2b52e4775c36375314f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0477 0
54 B 416ms
61ms Ping
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l700hyh2&c=161656722307&slotId=80828361153.5&qqid=CJW-182R0vkCFVOgcQod8R8BZg&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

5493985391062758797
tpc.googlesyndication.com/simgad/ Frame 0477
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD4xt7xUxCwCRj0BDIIsnYymPgeJC4
https://tpc.googlesyndication.com/simgad/5493985391062758797

2 MB
2 MB

31ms
31ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5493985391062758797

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1442c7bac31f0e3490d26c3d3b39e1bb4296275c503d8d9efd0cd8e13acd69f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 22:55:12 GMT
x-content-type-options: nosniff
age: 108848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649549
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:28:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 22:55:12 GMT

Redirect headers

date: Thu, 18 Aug 2022 11:19:40 GMT
x-content-type-options: nosniff
server: cafe
age: 64180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/5493985391062758797
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Sep 2022 11:19:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0477 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3Z9w_xr_YtXCIdPAxgPxv4SwBsTf4P9q0Mi5uosQjPbEqOItEAEgyv7WhwFg-wGgAd-1wswDyAEJqAMByAPLBKoE2QFP0CWuiEn5NleV9aBMLNXVCHXqdieGfoPioQ5XgBMYmROirrwZw0e-tOU42Ou0mvYgDJm4fO_5OFzcs7n9gUAH86vwqWM7sZ_LSgXTlGOjXbN7YYKdXnzy4Jedi3hLvy8SIPX5ixw9xHbVtkuNcG6FtgAtW-3ypwQQrsQnAhB495zWCUj6TF-bpnLFSIanl6hYAffHSNctDVRisHpe5c1PcdRTuAB7_zs0ZgOgSTS1P43J1D8baKmxdFQ3vq0s9VBO1bIJut4InSKozysqRDj9IJX_WT4XZqcKwATxwMPoR5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeJyr0zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOKEDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTI5MTAzNTc5ODI2NTA3ODYYAA&sigh=igbA2kl_6Ro&uach_m=[UACH]&template_id=499

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 05:09:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7F7F 1 KB
749 B 34ms
32ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 52367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 14:36:33 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 14:36:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

206

videoplayback
r15---sn-quxapm-3c2s.gvt1.com/ Frame D399
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=ip,ipbits,expire,id,...
https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,...

2 MB
2 MB

223ms
57ms

Media
video/mp4

2a0f:f4c1:2::22
YOUTUBE

General

Check archive.org

Show headers Download Go to

Full URL

https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7DE97E907CE0443D8E002F84311BC2F93046C57B.62AFB584F18E67B78403C3BAFDCFA83C7DB43396&key=cms1&cms_redirect=yes&mh=pB&mip=2001:41d0:d:364d::2&mm=28&mn=sn-quxapm-3c2s&ms=nvh&mt=1660884780&mv=u&mvi=15&pl=48

Requested by

Protocol

Server

2a0f:f4c1:2::22 , Ukraine, ASN36040 (YOUTUBE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

74403098f0a9772348edabbac478f539aba1000178f603edc45f572f97c65bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Aug 2022 23:27:39 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-2007721/2007722
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2007722
expires: Fri, 19 Aug 2022 05:09:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=7DE97E907CE0443D8E002F84311BC2F93046C57B.62AFB584F18E67B78403C3BAFDCFA83C7DB43396&key=cms1&cms_redirect=yes&mh=pB&mip=2001:41d0:d:364d::2&mm=28&mn=sn-quxapm-3c2s&ms=nvh&mt=1660884780&mv=u&mvi=15&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 714
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0477 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21b277a73ac77bf9760b27876f0519cf74d0ebaaf05240c2483601fae3ce7f8f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 45BE 20 KB
21 KB 93ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 197740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:13:40 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 45BE 28 KB
28 KB 157ms
99ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 159876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 08:44:44 GMT

GET
H3

206

videoplayback
r15---sn-quxapm-3c2s.gvt1.com/ Frame 0477
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=ip,ipbits,expire,id,...
https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,...

2 MB
2 MB

225ms
58ms

Media
video/mp4

2a0f:f4c1:2::22
YOUTUBE

General

Check archive.org

Show headers Download Go to

Full URL

https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,requiressl,source&signature=4B7BC7716E1A7FCADF16A35846B100733DDEC3E7.40D2ECC8FD0D443993FD5130E70A60AD07212088&key=cms1&cms_redirect=yes&mh=pB&mip=2001:41d0:d:364d::2&mm=28&mn=sn-quxapm-3c2s&ms=nvh&mt=1660884780&mv=u&mvi=15&pcm2cms=yes&pl=48

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

2a0f:f4c1:2::22 , Ukraine, ASN36040 (YOUTUBE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

74403098f0a9772348edabbac478f539aba1000178f603edc45f572f97c65bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Aug 2022 23:27:39 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-2007721/2007722
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2007722
expires: Fri, 19 Aug 2022 05:09:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r15---sn-quxapm-3c2s.gvt1.com/videoplayback?id=9e2bba95479b66cc&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660892959&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,requiressl,source&signature=4B7BC7716E1A7FCADF16A35846B100733DDEC3E7.40D2ECC8FD0D443993FD5130E70A60AD07212088&key=cms1&cms_redirect=yes&mh=pB&mip=2001:41d0:d:364d::2&mm=28&mn=sn-quxapm-3c2s&ms=nvh&mt=1660884780&mv=u&mvi=15&pcm2cms=yes&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 0477 20 KB
20 KB 68ms
57ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 197740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:13:40 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0477 17 KB
17 KB 74ms
64ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 20:10:26 GMT
x-content-type-options: nosniff
age: 118734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 20:10:26 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D399 20 KB
20 KB 118ms
34ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 197740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:13:40 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D399 17 KB
17 KB 116ms
34ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 20:10:26 GMT
x-content-type-options: nosniff
age: 118734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 20:10:26 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 88F1 35 B
463 B 177ms
29ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMmZek-hblYgfyQPdae8BrE&google_cver=1&google_push=AehlK4D6NNQaOP8YQEHcQ2AvSzC1Jg5NJw37c5HVsBAbep_cu4OrQ8tsGtavIJfA-GY3mOBvzUZMLFqj0BREHT8r2D8_BZgXtsI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88F1
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AISGklzQ7-VyEKEWa3Qn4efPG2ChWHJ9cVHRjjbuJwctEkdhK4AByK12Dj5oLWZ3zKyk3dsMhzexjO5A8Un0gvMYG_Rms&google_gid=CAESEK2BPwuMqrHqifsxKBpITg0&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIC2_JcGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BZWhsSzRBSVNHa2x6UTctVnlFS0VXYTNRbjRlZlBHMkNoV0hKOWNWSFJqamJ1SndjdEVrZGhLNEFCeUsxMkRqNW9MV1ozekt5azNkc01oemV4ak81QT...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNXY4MFc3c0ZpU3JqbWdVWldiTW52SHZDS2MwWlBfOURVM3VEQkpXdVh6UQ==&google_push

170 B
188 B

36ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNXY4MFc3c0ZpU3JqbWdVWldiTW52SHZDS2MwWlBfOURVM3VEQkpXdVh6UQ==&google_push

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 05:09:20 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNXY4MFc3c0ZpU3JqbWdVWldiTW52SHZDS2MwWlBfOURVM3VEQkpXdVh6UQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88F1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV
https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV&google_hm=cabRaokux4MJqkDygXQytQ==

170 B
188 B

46ms
38ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV&google_hm=cabRaokux4MJqkDygXQytQ==

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BnyiH8gThbEgwGSfLxFi1FJ6xyj6Z_yufMcRc74yPwnyZ-JjPK4s8dA0AQvXSHE47xIwaqHNqqK0Fotyh0XkNYTr9LuCtV&google_hm=cabRaokux4MJqkDygXQytQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: k2oesrdn5s9pfeuse0d6ka46q13sn0i7

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 88F1 0
166 B 123ms
51ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBmluMZgB6eVrNNe6BbVLt4&google_cver=1&google_push=AehlK4Al0YCsSjOpD75STmdoojzbeV9NeIwXyGOCucwln8sTjOD2elZQvm5GaSB4e_zHTH0TUaIe51-WigMsboCqwlzkvgp1_X8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=90&adk=4204718025&adf=2913177901&pi=t.aa~a.2933074733~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1200x90&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1858&idt=1&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280%2C1140x280&nras=5&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9pNXvKWEEB&p=https%3A//ngembassy.info&dtd=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88F1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJxi6KWyiF448C2_Afu4vU&google_cver=1&google_push=AehlK4COS_QzrXbCvmMpwktD7m944n4eQLLVAns7sSE7dciSozdaWpI3wDf0wpDb35xd16XbDFd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWE8tUi0xNkMx&google_push=AehlK4COS_QzrXbCvmMpwktD7m944n4eQLLVAns7sSE7dciSozdaWpI3wDf0wpDb35xd16XbDFdTOFto21SdJpd84OOsSJ--LTQ

170 B
188 B

90ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWE8tUi0xNkMx&google_push=AehlK4COS_QzrXbCvmMpwktD7m944n4eQLLVAns7sSE7dciSozdaWpI3wDf0wpDb35xd16XbDFdTOFto21SdJpd84OOsSJ--LTQ

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWE8tUi0xNkMx&google_push=AehlK4COS_QzrXbCvmMpwktD7m944n4eQLLVAns7sSE7dciSozdaWpI3wDf0wpDb35xd16XbDFdTOFto21SdJpd84OOsSJ--LTQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88F1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4AzRDzUagwQwIhoZymi6cLBvrwwvhtiF...

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4AzRDzUagwQwIhoZymi6cLBvrwwvhtiF7sDzOizIzcfF9hq7dQb-AJmp3-qWCgryMWq22sBVXgzrafVycowCqKC9vDkjx-A

Requested by

Host: ngembassy.info
URL: https://ngembassy.info/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2F3%2BkQndqRSuU%2FR99AH2qUqXRxj8rITqKjJ%2FUV%2Fg4WoY1byKlmuAoAb4z9O82VwEikQEllAnlPzJ9KXAf2JE2QpHmISa7aglBVppzHjeBHNNKB8OTVCQIuRxIDSdRpiXpQIqeWhCr5S2Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4AzRDzUagwQwIhoZymi6cLBvrwwvhtiF7sDzOizIzcfF9hq7dQb-AJmp3-qWCgryMWq22sBVXgzrafVycowCqKC9vDkjx-A
cache-control: no-cache
cf-ray: 73d060659da8d410-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 88F1 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 88F1 0
232 B 178ms
38ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOgaGya9ZRKY6dTSUbIuaPH7ZTaIOKd83BSHEIEAA1_XWVezRQZhcEOa68IWT8e9evmgWK0g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame EA92 35 B
462 B 160ms
32ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMmZek-hblYgfyQPdae8BrE&google_cver=1&google_push=AehlK4C2vjvY05Tg7nO9G7FpGt641e5GdVrmH9KQQhsSjWf2eNyfSaC9YZfj4c-D_egMjU6L3VGeLQZJBwZpq6R0LBwGrdm5lQcW

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA92
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DtJLoX...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DtJLoX...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTkwNTA5MjEwMDA2NDk4OTA4MzYwNg%3D%3D&google_push=AehlK4DtJLoXWlV5Oqt38zZ8XbcdnhjpeUDItwIs6lksBKc-nrsVrZaZFgMOxsW6sSIAOu...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTkwNTA5MjEwMDA2NDk4OTA4MzYwNg%3D%3D&google_push=AehlK4DtJLoXWlV5Oqt38zZ8XbcdnhjpeUDItwIs6lksBKc-nrsVrZaZFgMOxsW6sSIAOu3SZwXkfsSQCKzygLlTqrFyxg8RMew

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTkwNTA5MjEwMDA2NDk4OTA4MzYwNg%3D%3D&google_push=AehlK4DtJLoXWlV5Oqt38zZ8XbcdnhjpeUDItwIs6lksBKc-nrsVrZaZFgMOxsW6sSIAOu3SZwXkfsSQCKzygLlTqrFyxg8RMew
pragma: no-cache
date: Fri, 19 Aug 2022 05:09:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 19 Aug 2022 05:09:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA92
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk
https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk&google_hm=skQfuDX6wVEcYr9MM025KQ==

170 B
188 B

102ms
102ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk&google_hm=skQfuDX6wVEcYr9MM025KQ==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CpWhid0R4xteykrKhvvjWiW277L2F7_EDBvjHE_RDuZkmSquGFDS9ZyuK9j_urAeQ4exLy4C2DeRGsi1JTMCI2PlbU2rk&google_hm=skQfuDX6wVEcYr9MM025KQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 907so0mgkid5m88s4b4lllilplfoet95

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EA92 0
41 B 107ms
51ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBmluMZgB6eVrNNe6BbVLt4&google_cver=1&google_push=AehlK4DDERfv-nWUlrKomE9XkqA4z57zajas45RBXiXJscFhZqqSDlH7H9jHsY2A8sBpzIHE5h-ZNgK_FDynGnT63XUFW7IkwcD0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA92
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJxi6KWyiF448C2_Afu4vU&google_cver=1&google_push=AehlK4BxMOJ6d5SvHj-DXAcu0AaeaErYES7pjlbqfi7MpqFBdyrZhsvfORXXq8q3KF5jTW12mb1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWlYtMjAtSDRFRg==&google_push=AehlK4BxMOJ6d5SvHj-DXAcu0AaeaErYES7pjlbqfi7MpqFBdyrZhsvfORXXq8q3KF5jTW12mb1MrJ6HFpOFzM72aGrbmSUJehk

170 B
188 B

64ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWlYtMjAtSDRFRg==&google_push=AehlK4BxMOJ6d5SvHj-DXAcu0AaeaErYES7pjlbqfi7MpqFBdyrZhsvfORXXq8q3KF5jTW12mb1MrJ6HFpOFzM72aGrbmSUJehk

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhZWlYtMjAtSDRFRg==&google_push=AehlK4BxMOJ6d5SvHj-DXAcu0AaeaErYES7pjlbqfi7MpqFBdyrZhsvfORXXq8q3KF5jTW12mb1MrJ6HFpOFzM72aGrbmSUJehk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA92
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4BshQ-hmmaoDY5YCwjqlzqxEjDCiKfUi...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4BshQ-hmmaoDY5YCwjqlzqxEjDCiKfUilqu40F2o3_Z1aWzSM_mmhtSjDiOqcjnJOvmnEaKCSYXvKP0mnjSlFEA17vaV7lU

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWINTT%2BE5KkXzHo4IVYXDFOo2pWJaDMS7I%2F6343yvLzx3mk7OHkZYxwwG1prPaRzRhzB4Ujyj4%2B3w%2FRYqVc4dGcLTotllPd%2FvjVXFx43IN8GKTCwtaHIYYEFsBxIwpye3PGL75sbwPtX9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4BshQ-hmmaoDY5YCwjqlzqxEjDCiKfUilqu40F2o3_Z1aWzSM_mmhtSjDiOqcjnJOvmnEaKCSYXvKP0mnjSlFEA17vaV7lU
cache-control: no-cache
cf-ray: 73d060659da6d410-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame EA92 43 B
296 B 429ms
24ms Image
image/gif 2a05:d01c:1d8:8102:d09f:4639:d8c6:6199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKuKItwyoFMw18_yTNSykNU&google_cver=1&google_push=AehlK4DZre8Ta3gejjCR77naDfJLFGVZcaGxuf5_rfbUeAyOpm7rw85Gf3Rg8JkdZwZWBYV8DWZT7lZRQdFomT-Kh1Dr2HTZGbw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=3066093774&pi=t.aa~a.312256432~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=2&bdt=1858&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280&nras=3&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=LdcOutovgi&p=https%3A//ngembassy.info&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:d09f:4639:d8c6:6199 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:21 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EA92 0
40 B 164ms
39ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1_8Hs_0c8nAyTwvrykk3UMCMZdBsRPE0AKbf9AZniYwIasVT8XWWX9JmbQtMpYxzjO2Da

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7F7F 35 B
462 B 133ms
30ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMmZek-hblYgfyQPdae8BrE&google_cver=1&google_push=AehlK4Ci7ea87W00ZRHIqArkSkTXTreCnYqYUcOjZWQbOxEwDDYYH_MgajH9R7cqiwmzacj8KhgEoG4ErMskzve0TqLzykXqvdc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F7F
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJxA5Y7-RWu2bBTtTE9o2cU&google_push=AehlK4CrZgZer73aKsFXdP-K-zNxD9H1_BR1Y5KsUU2ghohx564aTIrgF7Fr-ZIPpvbqtjYn0IW3M77kwGk_8-rbfOcFMmD...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4CrZgZer73aKsFXdP-K-zNxD9H1_BR1Y5KsUU2ghohx564aTIrgF7Fr-ZIPpvbqtjYn0IW3M77kwGk_8-rbfOcFMmD7BSA5&google_hm=MTA4MTI1Nzk3NTc0MD...

170 B
188 B

92ms
39ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4CrZgZer73aKsFXdP-K-zNxD9H1_BR1Y5KsUU2ghohx564aTIrgF7Fr-ZIPpvbqtjYn0IW3M77kwGk_8-rbfOcFMmD7BSA5&google_hm=MTA4MTI1Nzk3NTc0MDE5MTA3NTI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4CrZgZer73aKsFXdP-K-zNxD9H1_BR1Y5KsUU2ghohx564aTIrgF7Fr-ZIPpvbqtjYn0IW3M77kwGk_8-rbfOcFMmD7BSA5&google_hm=MTA4MTI1Nzk3NTc0MDE5MTA3NTI
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F7F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx
https://rtb.openx.net/sync/dds?google_gid=CAESECx1q5b_55xH7ihuK-vxkAE&google_cver=1&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx&google_hm=skQfuDX6wVEcYr9MM025KQ==

170 B
188 B

103ms
102ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx&google_hm=skQfuDX6wVEcYr9MM025KQ==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DnwN5-FRp8LXEfs7AB30hIOWHpPbVOWHUpJ3I93MKkOhcsrUS0NAHX22LzEKNDvioFqy70HIz6FcfWDKXYCGqgXcQEADvx&google_hm=skQfuDX6wVEcYr9MM025KQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 8a7iegj9vui8j058j82vso3lot90n6g9

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7F7F 0
41 B 83ms
52ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBmluMZgB6eVrNNe6BbVLt4&google_cver=1&google_push=AehlK4DWW8d5WmPHIwQhKS8rHYnIC9cHOej83-DwQ6lGki39mZ7WZGeWQByzSkNBe054vkbV21iE4JlRclTWEDftc_xUABAiJksa
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F7F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOJxi6KWyiF448C2_Afu4vU&google_cver=1&google_push=AehlK4CQe8kxL3vTKTokhEmq-iBtm6ivwMKfOvlE9j9GhofQ2LMSEV5rwEs4VV3LexlXHrikzGW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhaMFAtMjItOVNFNg==&google_push=AehlK4CQe8kxL3vTKTokhEmq-iBtm6ivwMKfOvlE9j9GhofQ2LMSEV5rwEs4VV3LexlXHrikzGWX4atXpn5DtBhElHiOLsCXOlRV

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhaMFAtMjItOVNFNg==&google_push=AehlK4CQe8kxL3vTKTokhEmq-iBtm6ivwMKfOvlE9j9GhofQ2LMSEV5rwEs4VV3LexlXHrikzGWX4atXpn5DtBhElHiOLsCXOlRV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwMEhaMFAtMjItOVNFNg==&google_push=AehlK4CQe8kxL3vTKTokhEmq-iBtm6ivwMKfOvlE9j9GhofQ2LMSEV5rwEs4VV3LexlXHrikzGWX4atXpn5DtBhElHiOLsCXOlRV
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F7F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4CBPyGKFZNMYVMR5tr5l5f7TYVmEG4sS...

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4CBPyGKFZNMYVMR5tr5l5f7TYVmEG4sS7EHliRcV5mms7ecy-YHwYG_MJ7vha0r-BASBQ2AdOdA_sH4aeNzxJSv75s3Fx7l

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJJQDITUCus4Bn5w3jQzy11FgYfG%2FGx6J9xXBZYlxkbcKCieAbm3jnGaGMiMjiHOQcIGfNUvJhi2H9NSneVjDPNPWIfqFbnuwG00TSmSjqw1Gj0VqxUYAlqSf1XV2brtrmAcz3jC2wuz8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVxf1Xz6a_79s7TF8BiKaA&google_hm=Yv8bAAPEe_OjLVhmLrmUzAAABGAAAAIB&google_nid=index&google_push=AehlK4CBPyGKFZNMYVMR5tr5l5f7TYVmEG4sS7EHliRcV5mms7ecy-YHwYG_MJ7vha0r-BASBQ2AdOdA_sH4aeNzxJSv75s3Fx7l
cache-control: no-cache
cf-ray: 73d060659da7d410-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 7F7F 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7F7F 0
40 B 137ms
40ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L59PoZYDBlUnuNOC5OVt1pAtBZ-iggcE0CL_SjTPa87D6FBs7Hgq61t1yOyik5RzfUTJPuyw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8126 36 KB
14 KB 39ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 940A 42 B
64 B 125ms
64ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4P8Qi7QUKsNipDA2ZR-d1ze6cUAETu7NabAn5Rshe5fIsexi9m68uoOGlSG1cVPAHuvZIAwiuK1TBnaku6CIXn7Q5cDbX13a0I9qD4dFGai8oRP0czcm-4ISqlKvrpPXeWBujwYTu-JEw&sai=AMfl-YR9lPAk70wUw3XAjeVB7XzG2mWzS4H1QNLG0Z468odIvUYQEyHvRBNj2hR_mX2KzmtDQvmRNtXYr2Kj&sig=Cg0ArKJSzPss6gXsu17DEAE&id=lidar2&mcvt=1081&p=0,0,280,1200&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=21&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660885758050&rpt=1727&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame B57F 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2910357982650786&output=html&h=280&adk=940430000&adf=2138196203&pi=t.aa~a.312256432~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1660885759&rafmt=1&to=qs&pwprc=3018914672&psa=0&format=1140x280&url=https%3A%2F%2Fngembassy.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660885759125&bpp=1&bdt=1857&idt=-M&shv=r20220817&mjsv=m202208150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39d884ef3797120b-2246da41f7cd005d%3AT%3D1660885758%3ART%3D1660885758%3AS%3DALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=1630474891985&frm=20&pv=1&ga_vid=2032086597.1660885758&ga_sid=1660885758&ga_hid=421292700&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44764002%2C31067825%2C31068919&oid=2&pvsid=3403245690169510&tmod=1372640210&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XxUrdoHocv&p=https%3A//ngembassy.info&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 109ms
108ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e472caee640748b138e2397f8c3f9eb11ef5a65ccb94f313d4298899000cd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 05:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10996
x-xss-protection: 0

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 551D 36 KB
14 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 05:09:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDC5 13 KB
5 KB 29ms
27ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 6809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 03:15:52 GMT
expires: Sat, 19 Aug 2023 03:15:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8504 783 B
534 B 38ms
36ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07391302658876ac76873b67f0851028240f28d8d8039539b9bc628746cb367f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hXGVhs-2F8gtrPQMgi1EJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ngembassy.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hXGVhs-2F8gtrPQMgi1EJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 05:09:21 GMT
expires: Fri, 19 Aug 2022 05:09:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame CDC5 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:05:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8504 0
0 59ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=3403245690169510&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CDC5 0
12 B 26ms
26ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LTaETw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 05:09:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=3403245690169510&bg=!jY6ljsrNAAYUOm8VNDo7ACkAdvg8WjYn2XcCZlPm0u5IZiu3xFQASuU-QPYJYUbtlKWy0cZt-cAfXQIAAABOUgAAAAJoAQcKAEOaWUjuFJvGk2vVQ5Y9EHNnyRXeGij9opAZbYnSyfbVYJB0islmkCfZSoHSJO9KlyzRWOl3aS0CZtFOfdB2e-yLdi3FmQLap3xcldPnW3zIImt3zSOBDD6nSwJJ9lcKKRN-eVFR_ajDe6Pf_f6Nj52m0JD-HsA4IP457FSWi9e8KVQ8E38w5EA946x_r-tpn47ZlY1v9lVFgYc27zU8H_A6d6NmePQGIr8_KcaukOYkV0l9KPQfJUvx0g6Oj1M-JpTT780FcaGkAv7lK46vO6rVQyubLjkLeRT9LJ45C6hs9C8UkPCPW2rdCo79ThNcfQ7krELGlXuQNswVsEkWjc3NERuKehcbsIQ1HTJtCQ26gZfemYYIkUXoP55lsAkLE4Z-LNq0nRkQcSTTBGsekm-82tEP1sNMvogl_T-ze1JjK21IECnsdolcSW0g6uBOD35cxTg7Cnh_j0LLMLkbIRR6wcOzVJ2L1ytG-5S3Vt_a2giRKXaWywglBLpAJkeSgi-ruKur8fcJpBcwKN5RG1o5I0eA18CeWtllNlcintRbzfQd54x3QPza2D6mIfCLkv-QMHHz6X66Mr_XC29Ga_FSn5Bc1CGXT2rGkMWjxUHwPrGtM6nnj2pnYL8gFpRSycBd0alq2xRhu9Pimr_Dlg55PdD5nlg5eRq5eWK_sW8UyV3dhR58ycwJdbkwkTbr2FHWuOGcmWRbyv0fuDZ5YAmjaYPMuEpEIGWzJ3Gq0RLKPnR1doSax0qWSbfG0OyPdb3NsVNBIUQ3V4uqh4QPOBBuXeFc_mVE3GdMl8cPfGjJ26jlb7IFrSgpXRgxpexpZrSvTzxxeNTyUj01g0lpZ5aeC3eEJuuD-VMX9IMXharWE7ZEvArh_ixfl5ogze5OlZhhpwJSOpRVR3RIGMydNXszbmBrKAmVWs1IARoCxae4lN70Rjyp7CbNdlfLuKyPyhKyKsBW12v3TsjIz5pFCxNLYYrUA_kwKRyarKOGfQAJncvGk6Jxc0lR5hfX_0V4m07fcra6aV04nO1tdTRqEpU3bgTjP3Fsg7-pBhRQz_Idsg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ngembassy.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 0477 0
45 B 335ms
33ms Ping
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l700hyla&c=161656722307&slotId=80828361153.5&qqid=CJW-182R0vkCFVOgcQod8R8BZg&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D399 0
45 B 333ms
33ms Ping
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l700hyjy&c=2814531191793&slotId=1407265595896.5&qqid=CIeb182R0vkCFahjFQgdelgP0A&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 05:09:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFl6SUbGnhLxqF_TY-1mhNg&google_cver=1&google_push=AehlK4CjBqEhRTCSRWHgdZX0ay_h0xQgkJDOWP99UHxDEcuP73jvI9cOf2BOqt0S9EYS0JBS0gTHM3JIyEUwyOEHObTOZXrtXkmBTg

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFl6SUbGnhLxqF_TY-1mhNg&google_cver=1&google_push=AehlK4BnVe16_o2-Iku7zQgOSv6TH0CwmL2OY0oBn3Mq5lJYCan2W5NjZBMay20d0PmCHOq9ycYGECeBNFXlOLBQGrusmur6Tnmo

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ngembassy.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 20535cdd68adcc611ed0bddabcab532a
.ngembassy.info/	1970-01-20 14:57:25	Name: _ga_6HX21LM9FM Value: GS1.1.1660885757.1.0.1660885757.0.0.0
.ngembassy.info/	1970-01-20 14:57:25	Name: _ga Value: GA1.1.2032086597.1660885758
.ngembassy.info/	1970-01-20 14:43:01	Name: __gads Value: ID=39d884ef3797120b-2246da41f7cd005d:T=1660885758:RT=1660885758:S=ALNI_MZhfAtVW7MqxyuJkTYhrPPA9PIKYA
.doubleclick.net/	1970-01-20 14:43:01	Name: IDE Value: AHWqTUmZZO9nn4FoW48nPQm1486QF5rInAkLoHINJghWb8Z6AmXPp2Xt8-YVkNmIsLc
.doubleclick.net/	1970-01-20 05:21:29	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 14:07:01	Name: CMID Value: Yv8bAAPEe-OjLVhmLrmUzAAA
.casalemedia.com/	1970-01-20 07:31:01	Name: CMPS Value: 1120
.casalemedia.com/	1970-01-20 07:31:01	Name: CMPRO Value: 1120
.rlcdn.com/	1970-01-20 14:07:01	Name: rlas3 Value: pfQSrROYLGtZ/Yg6glPFSzeL236+VAWsSOAK8PAeGSI=
.quantserve.com/	1970-01-20 07:31:01	Name: d Value: EEwBCQHyJoEA
.quantserve.com/	1970-01-20 14:51:40	Name: mc Value: 62ff1b00-c31b3-ac494-fceab
.mookie1.com/	1970-01-20 14:50:13	Name: id Value: 10812579757401910752
.mookie1.com/	1970-01-20 14:50:13	Name: mdata Value: 1\|10812579757401910752\|1660885760800
.mookie1.com/	1970-01-20 14:50:13	Name: ov Value: 0aadd84d2fc4279aa8212c2a1e19a2a8
.rlcdn.com/	1970-01-20 06:47:49	Name: pxrc Value: CIC2/JcGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 07:31:01	Name: CMTS Value: 1218
.openx.net/	1970-01-20 14:07:01	Name: i Value: bebeaadd-35fb-4788-a0c0-3b138473b06e\|1660885760
.innovid.com/	1970-01-20 07:31:01	Name: uuid Value: 61ede76a-60e5-4e28-ae7a-b9012e791268-20220819 01:09:21
.e.dlx.addthis.com/	1970-01-20 14:51:40	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:51:40	Name: na_id Value: 2022081905092100064989083606
.addthis.com/	1970-01-20 14:51:40	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:51:40	Name: uid Value: 62ff1b01a903eb2c
.addthis.com/	1970-01-20 14:51:40	Name: ouid Value: 62ff1b010001d7f7a7081bc4644042ce8f6b4b810e17cc5e6c78
.dlx.addthis.com/	1970-01-20 06:04:37	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:04:37	Name: na_sr Value: 20220819
.dlx.addthis.com/	1970-01-20 05:21:25	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:04:37	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220817/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2910357982650786&fa=1&ifi=7&uci=a!7&btvi=4&xpc=eMgNSMTMlc&p=https%3A//ngembassy.info(Line 23) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFl6SUbGnhLxqF_TY-1mhNg&google_cver=1&google_push=AehlK4CjBqEhRTCSRWHgdZX0ay_h0xQgkJDOWP99UHxDEcuP73jvI9cOf2BOqt0S9EYS0JBS0gTHM3JIyEUwyOEHObTOZXrtXkmBTg Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFl6SUbGnhLxqF_TY-1mhNg&google_cver=1&google_push=AehlK4BnVe16_o2-Iku7zQgOSv6TH0CwmL2OY0oBn3Mq5lJYCan2W5NjZBMay20d0PmCHOq9ycYGECeBNFXlOLBQGrusmur6Tnmo Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
ag.innovid.com
cdn.ckeditor.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
ngembassy.info
ngembassy.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r15---sn-quxapm-3c2s.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
103.72.77.63
104.18.18.126
142.250.185.130
142.250.186.162
142.250.74.195
185.64.190.78
2001:4860:4802:34::36
205.234.175.175
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a05:d01c:1d8:8102:d09f:4639:d8c6:6199
2a0f:f4c1:2::22
34.98.67.61
35.186.253.211
35.244.174.68
69.173.144.165
69.192.160.219
003f52438fce300a4103266bfa589d41752c101f8d7bd66e9300b8a02cfd7310
00eb6ce2456c0dd817a87b3e7f7934ddcd91a2b29f304d1cd98cf319b4a38306
04dfee7238cc55671142bb2f4711ab060f5705fd5556cb0e29cc536d14ba0e98
07391302658876ac76873b67f0851028240f28d8d8039539b9bc628746cb367f
0a2808c1a355beaedaa433468d889c36e5eae408b3eea9cedc6e320cc0cf7f41
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcfa1148508ddc6d52c109f593268eebafcb0db4394fddd92d7cdb7a13f92b5
1442c7bac31f0e3490d26c3d3b39e1bb4296275c503d8d9efd0cd8e13acd69f7
14e8ff6d39adcaf4db1b200db29915a4a00744f27fd10614ef6f49949f534edc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1855651d24584c20fb9bcc4980e360833af4eac312e3a39ec53aa82acd088b86
1b5916180d4e3a3b604e92b166bba20e42b8e8bc0b56fc3a7123252956707019
1d5539ac64ab1c604c4ac3970620da29fcf5d3192467e99fc7516f5a68ffbd04
1eae73d23698659f17bbaf4773a3a337dcffe040e2579d93eb25c292cefa29f7
212d8937585611593fc231549fe3af49aeb35f462e19f10f0badc0503000341b
21b277a73ac77bf9760b27876f0519cf74d0ebaaf05240c2483601fae3ce7f8f
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
30f482a1252b74dc5d09313d5e1e841c355c39f20b3b157bed7b76d0541ddb0c
32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
389fdf942091b06f5edcd32d134ffc3b991fe10f71133c66181f1a27400db67f
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3eb5b671ae37248c1f6efc99b1b671eae1026344cf7ba799fd7e07764f1ab2c4
422234b812e8ed7336dcdd536a3974c9f2b67bfc6bb136a4f7d084c954b0b1d3
45fa6b9007ea2bfa985bb3529c4031e1f673c8d0a447d3c34d4d7e3fa7f94bef
4736672260ab0cf94ad37de85f33a0c5aeb75d70320fc6480956680a1ef41f31
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b43924b55481613b8536446f4fe4ad13b80a63f265ba25830614555b08d68fc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
514c3c0946248a126ce44cc828b7a2bd09e25831e1163cefb0aab96d2bd0df21
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a32cd3aa02ede12a27bff30307abee7970cbc2f0e3410ef14176d09a1db15e
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5de8f60349ef135d214c6503a4cd897a91909a988988554618f93775dad00208
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a572e64ef64f78d6c1b06502bdffae7db2a50caf017d038820b2afc77556f2
6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925
685454498ab464c992327759a925959c1360d694f00f18f7fc951c7abd63c0a9
6c5ce0cfebd421729d45cf57e3c7d77e6f6fa4b725c6b63d43e605fed8c70f10
6e472caee640748b138e2397f8c3f9eb11ef5a65ccb94f313d4298899000cd35
74403098f0a9772348edabbac478f539aba1000178f603edc45f572f97c65bd2
7708b426ffe671df74f072b66251281cf876db19832d03b274157c98172ded3a
78634d616263d8ccf82a93fe69895d847aa226cbb4faf9e32d80223479ccc6a3
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
873836cdfc70763cefacc94f8c4983e774caa87fea7bfaa435e9c3751982bc3e
889087766998e260a22f5c5ccbc7f2e03b168c780bcd7a922b66581241a3ecad
89966b7626c91cec9320b8ce54ae79db5de05e602b578475fd748e0ea042c35d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
90fc73ab6be3925a0afb7afd6c6a6e95b910160571396131dd00442aa6216574
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9730fbde9ce805bcadb096de2dd86e0205dd5a87b3ab6b0433e65873d63d428c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a103c9f033863dc4bfd397f87a47fc652b7d6c8fb3278e2bdb0f30c963601d99
a46794c88c953b373ed25f978feb23191f4e778579cf1d151a28137a8b60167e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58091f89f887419568e3fb01d7af0345757db9c225040f1493a4238ad161b0e
a611eeac1a9d8bfd87c5a827d376f84dd2f9804dbe00dc445a26006cce941c8a
a69d282071d6718929c2115e5220aeb7537c3affe7a04ee35ae814eac245574c
a8a5c7061da0d191e720afa4ace08a3c416423d47752053c2b1b61f6bb5cb0e4
ab25051f14c22e9ac50fa34afd3d1ba5274e45cd6ccdd151a70e8ec696e5d22d
acb265081733525dfd93b009310cc76ef24bb0026cd5c2b52e4775c36375314f
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b1d92a9bddc7cecf1746e447378807f6ad3149621abf8888346670b71e7c287e
b88e2b045e3c6cb809fe254fb2fc1828639ed5ef95ce4fba582da56a693efd9c
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfa091b4f9b985cded34666a894522b3da011bfae2611938ebe6d8465ba9785e
c16ce1c562a94558b9ef3c5047912c52b7d7864ba3198d39fafb8eaf87ccfa56
c2745cc4e10715345f5d1e8261dd1aee424e7d1f06b1100b8d4d555954f129c5
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6d209ce80af1a13e14a1d75f7311497df5f97de026bfa12295186dffdfdb1f5
d33580e47196330c3ea4e63a058e4dbe1b7498c105d62e2e1fe32f0ad2fdfca1
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d6bb8d82bec4fcea48ec3bfaee200a5194457d8effcef8f68635a848b9947a2e
dc57a413d6bfd7f70b10453e990af4389e9e6f08c2b58aa30097d855e6260f52
dc7e9b824a3c92ea7e1b73f8faea620de63dab812e0f9a5f264c9de6d7b0703e
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df65617879e1296cad52d12caf7394191d9c54f3c457a225acc3bc6b9241b744
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f7534a3e962da708c7b8a3b5f122669e4688a1c17f86e9fdb1b2684edca4f351
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
f7d1cde7dd6457ab3780699765fe535407e971c7037713d38374036f80a44db9
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

ngembassy.info Open in urlscan Pro 103.72.77.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

89 %HTTPS

63 %IPv6

24 Domains

34 Subdomains

26 IPs

5 Countries

12627 kBTransfer

16081 kBSize

28 Cookies

1 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ngembassy.info Open in urlscan Pro
103.72.77.63 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

89 %
HTTPS

63 %
IPv6

24
Domains

34
Subdomains

26
IPs

5
Countries

12627 kB
Transfer

16081 kB
Size

28
Cookies

183 HTTP transactions
6 data transactions