urlscan.io logo urlscan.io
SecurityTrails logo

ledroitchemin.fr.gd Open in urlscan Pro
193.238.27.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Effective URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Submission: On January 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 30 domains to perform 124 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is ledroitchemin.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.
This is the only time ledroitchemin.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 193.238.27.28 15598 (IPX-AS15598)
13 2607:f8b0:400... 15169 (GOOGLE)
15 178.162.223.113 28753 (LEASEWEB-...)
1 27.120.94.1 10013 (FBDC Free...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 72.52.116.68 6939 (HURRICANE)
3 13 2607:f8b0:400... 15169 (GOOGLE)
1 13.42.201.144 16509 (AMAZON-02)
1 176.9.183.55 24940 (HETZNER-AS)
3 3.75.56.58 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 26 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 3 52.28.39.71 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
6 142.251.16.156 15169 (GOOGLE)
2 3 2607:f8b0:400... 15169 (GOOGLE)
2 2 2606:ae80:145... 25751 (VALUECLICK)
7 142.251.167.157 15169 (GOOGLE)
1 1 38.68.201.140 174 (COGENT-174)
1 1 34.150.170.96 396982 (GOOGLE-CL...)
2 2 35.211.178.172 19527 (GOOGLE-2)
1 202.233.84.1 131957 (MICROAD M...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 2 3.73.224.252 16509 (AMAZON-02)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.192.63.78 16625 (AKAMAI-AS)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
124 23
2    193.238.27.28 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd
ledroitchemin.fr.gd
13    2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
15    178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com
theme.webme.com
1    27.120.94.1 (Japan)

ASN10013 (FBDC FreeBit Co.,Ltd., JP)
PTR: usv0209.mfro-sv.net
www.monsitegratuit.com
1    2606:4700:3037::ac43:cc74 (United States)

ASN13335 (CLOUDFLARENET, US)
asrv205.com
1    72.52.116.68 (United States)

ASN6939 (HURRICANE, US)
download.quran.islamway.com
13    2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.42.201.144 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-201-144.eu-west-2.compute.amazonaws.com
track.webgains.com
1    176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de
fwdtrk.com
3    3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
visifeed.org
5    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
26    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    52.28.39.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
api.yieldads.net
6    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
www.googleadservices.com
3    2607:f8b0:4004:c09::68 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:ae80:1451:21::440 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
7    142.251.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net
cm.g.doubleclick.net
1    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
1    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
2    3.73.224.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-224-252.eu-central-1.compute.amazonaws.com
osak.com
2    2606:4700:20::ac43:4991 (United States)

ASN13335 (CLOUDFLARENET, US)
r.secprf2.com
1    23.192.63.78 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-63-78.deploy.static.akamaitechnologies.com
www.awin1.com
2    2606:4700:10::6816:174c (United States)

ASN13335 (CLOUDFLARENET, US)
theproteinworks.com
www.theproteinworks.com
Apex Domain
Subdomains		 Transfer
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
536 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
164 KB
15 webme.com
theme.webme.com
140 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
193 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
5 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
260 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
304 B
3 yieldads.net
api.yieldads.net — Cisco Umbrella Rank: 120597
15 KB
3 visifeed.org
visifeed.org — Cisco Umbrella Rank: 119580
2 KB
2 theproteinworks.com
theproteinworks.com — Cisco Umbrella Rank: 453916
www.theproteinworks.com — Cisco Umbrella Rank: 558534
234 B
2 secprf2.com
r.secprf2.com — Cisco Umbrella Rank: 151656
1 KB
2 osak.com
osak.com
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
983 B
2 fr.gd
ledroitchemin.fr.gd
11 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
850 B
1 mediago.io
gtrace.mediago.io — Cisco Umbrella Rank: 3342
513 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5589
598 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 11949
464 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
762 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 6019
787 B
1 fwdtrk.com
fwdtrk.com
fwd.fwdtrk.com Failed
2 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 55633
17 KB
1 islamway.com
download.quran.islamway.com
1 asrv205.com
asrv205.com
1 KB
1 monsitegratuit.com
www.monsitegratuit.com
0 editeurjavascript.com Failed
countus1.editeurjavascript.com Failed
0 gigya.com Failed
counters.gigya.com Failed
0 myflashfetish.com Failed
assets.myflashfetish.com Failed
124 30
Domain Requested by
26 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
ledroitchemin.fr.gd
15 theme.webme.com ledroitchemin.fr.gd
13 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 pagead2.googlesyndication.com ledroitchemin.fr.gd
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
8 www.gstatic.com googleads.g.doubleclick.net
7 cm.g.doubleclick.net ledroitchemin.fr.gd
googleads.g.doubleclick.net
6 www.googleadservices.com ledroitchemin.fr.gd
6 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 2 redirects googleads.g.doubleclick.net
3 api.yieldads.net 1 redirects visifeed.org
api.yieldads.net
3 visifeed.org fwdtrk.com
visifeed.org
2 r.secprf2.com 2 redirects
2 osak.com 1 redirects api.yieldads.net
2 x.bidswitch.net 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 ledroitchemin.fr.gd 1 redirects
1 www.theproteinworks.com osak.com
1 theproteinworks.com 1 redirects
1 www.awin1.com 1 redirects
1 gtrace.mediago.io 1 redirects
1 dsp.adkernel.com 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 aep.mxptint.net 1 redirects
1 fwdtrk.com asrv205.com
1 track.webgains.com asrv205.com
1 download.quran.islamway.com ledroitchemin.fr.gd
1 asrv205.com ledroitchemin.fr.gd
1 www.monsitegratuit.com ledroitchemin.fr.gd
0 fwd.fwdtrk.com Failed fwdtrk.com
0 countus1.editeurjavascript.com Failed ledroitchemin.fr.gd
0 counters.gigya.com Failed ledroitchemin.fr.gd
0 assets.myflashfetish.com Failed ledroitchemin.fr.gd
124 35

This site contains links to these domains. Also see Links.

Domain
www.monsitegratuit.com
www.myflashfetish.com
www.mixpod.com
www.countus.fr
www.ma-page.fr
Subject Issuer Validity Valid
fr.gd
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
misc.webme.com
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
monsitegratuit.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
asrv205.com
GTS CA 1P5		 2023-12-04 -
2024-03-03		 3 months crt.sh
islamway.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
fwdtrk.com
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
visifeed.org
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
api.yieldads.net
Amazon RSA 2048 M01		 2023-10-04 -
2024-11-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
osak.com
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-12		 a year crt.sh

This page contains 19 frames:

Primary Page: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Frame ID: 78F1530E0F4CEC1175BE3BD693050385
Requests: 30 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 43A87D81184AF702ED922629FF0AE1FE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 83F90143BC25801B7AC000B2928A9F2A
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNTk1Njc1Mn0%3D
Frame ID: 7AB805767536D9CBE9ACFA83578AD3F4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&adk=1812271804&adf=3025194257&lmt=1705956752&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_r&format=0x0&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956752506&bpp=6&bdt=284&idt=383&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3008124104731&frm=20&pv=2&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=403
Frame ID: 7F37E1B06CCAA7BDB0B8C6F96D6F6196
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f82&ci=yC%5Bx%2FPt%40&its=9F%5Bt%2ALp5e6bB%7CQD%3BzhPWbUZ&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 890DE86AF2A8A5F657774E003448CCAF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Frame ID: 0221D7497E8A7068377505D0D3B01AB4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8E6282A5AE39B4171D0693902269856E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 381EBA9CFE51D109FF3A5E965FA07921
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E4FF4582495B7144590E292E9A3F3844
Requests: 16 HTTP requests in this frame

Frame: https://www.theproteinworks.com/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks
Frame ID: F83DEAA039DCB570D536F32A0A54E1EC
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A014EEB725A416BD192CF59A46282C77
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF63DE2D16EDEEE19F05826180E1B5F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: DCD68028565A70664418A3E41A1A4906
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 7F08C3B7E116FCD45F7598ADFDBF2FA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 74243E68EB5B8A1EE883D4A36AA29DEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2BDB953D373FB4E9489BC54D767A05BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80805E4D5159CC917833BBE25E68F7AF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 0B9F646544B42C881FC5CD160CAA346A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

الطريق المستقيم - adkar sabah & massa

Page URL History Show full URLs

  1. http://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm HTTP 301
    https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

124
Requests

84 %
HTTPS

40 %
IPv6

30
Domains

35
Subdomains

23
IPs

4
Countries

1346 kB
Transfer

3548 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm HTTP 301
    https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CchbfkNWuZbyfPPLd_tMP1riQ2AnD1I7idO-_uejhEfGhkNGeMBABIKuC558BYMmGgIDco8QQoAGl2r6KA8gBCagDAcgDywSqBJ4CT9BwXnq0grJ4KvX_4h1bIVz8JJizwgOVOfutwMFe6K3HTJFSjzuEPPZrMDkqo8N1mkOk7Fd1bPAWLlfWcQ6TEnzVUieegW6DdDDYE1TD949aiGhfneRs4HAhsfvrrawRz7L6X-6nF8_95X_MxprsHg67vQco3gt6zOcYpbmNkrrHf1U5i1i4nuJ1HoSbicCcJFFi2J54Tpft9u2aN_kdqFwS_fksBO-7vjxJL4VyEFMjogX5oCkF1J7iY4_KIlJzUlToU9y5GfJg2VwdlMV1aMbWkmIVjzJV2W0UzvzYiSgNCDzaurOKMbaV7uBB4KeXEIwIaEQNrDp14-s_ZZlx3rGrHVBisOanc3pwITwfl4rgcDJ9LaUXYiFBDMCYMcAE2MO3h_gCiAWh6oPqA5IFBAgEGAGSBQQIBRgEoAYugAeNn4V3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQqpEc0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliYg4yS8PGDA5oJJmh0dHBzOi8vd3d3LmZyZWUtcGRmLXByby5jb20vbHBzL3BkZnQvgAoByAsBogwIKgYKBKy6sQLaDBEKCxDA8Mzy3LD_iI0BEgIBA7gT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNjA2MTE5NTk5MDc3OTcxNRgA&sigh=C4-8T7Jew7E&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Sq6YeRl9-g3xLudnd-YcovUBnDK7aSm_kocdXMlYNBv3TuZTJRZf1X9v3RleasedMLmRyUuctYjU7X32TtnWJEtDw51mFumdVxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xfefcf4211a6363750000000000000000%22,%224%22:%220xb8f075f42374ad200000000000000000%22,%225%22:%220xa6f7fe590b178b900000000000000000%22},%22debug_key%22:%222262267932088086208%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210483552982452467537%22}&andc=true
Request Chain 82
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqq4ObwwEQsAkYsAkyCLECC0Vlv8IN HTTP 301
  • https://tpc.googlesyndication.com/simgad/3924125642834448992
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 90
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwOVpkNWuZbufPPLd_tMP1riQ2Anh5Nu6dY-wu6S6EpiHjv_WCBABIKuC558BYMmGgIDco8QQoAGhwJjxKMgBCagDAcgDywSqBJUCT9D6JYAdIKCI7mXs7ZGCxmNXT6u3gdz_b4nHrXyeJkfGhO7sH4kywKs8vuuZP6AAMUoZVYv99uJD1JScDwW6We7catof12f0VNHITlnqoG0lsqYVuVr9BgS6yM0edRB9TXv2cqXvWZTtBOl0xLBqEeVHtOAkUXEo8MbCzLFiysc1FKqZ6wloSGYtLqfIWS2RqcuLqaclrNkDr41whdSezQKMGcU7jzPElm-LF244l89SysJMwZsv90df_88bvhhxfk7wZSFRhznF3S3cC26jXkOAaUDHir64ftOJqBltHkOCVJuzyB44Ej66Mbgs0B9KeuWiDgvn7QxRCC-xbZYD9T6bgARZvZeHZ_nUIrNw24Y8XI9Gx8AElve9x8EEiAWeqYyCTpIFBAgEGAGSBQQIBRgEoAYugAe137eeBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBD5-wzSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WJiDjJLw8YMDmgn_AWh0dHBzOi8vd3d3LnRlbXUuY29tL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MjExfmVuflVTRCZnb29kc19pZD02MDEwOTk1MTQzNTk2NzAmX3BfcmZzPTEmX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9iZ19hZGlkPWdkMjUwOTcyNi0yJnRvcGljX2NsYXNzaWZ5PTEyNIAKAcgLAaIMCCoGCgSsurEC2gwQCgoQoKy3kJqP5PBzEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi02MDYxMTk1OTkwNzc5NzE1GAA&sigh=gxAkRrN_FUE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Sq6YeRl9-g3xLudnd-YcovUBnDK7aSm_kocdXMlYNBv3TuZTJRZf1X9v3RleasedMLmRyUuctYjU7X32TtnWJEtDw51mFumdVxgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5e120d21db96c4550000000000000000%22,%222%22:%220xc1fd81c3257849eb0000000000000000%22,%223%22:%220xc7ff11d2981ac32c0000000000000000%22,%224%22:%220xe1d69247b5ddb8f30000000000000000%22,%225%22:%220xdc26591865df7fba0000000000000000%22},%22debug_key%22:%2212909376925742512627%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22581914304466114081%22}&andc=true
Request Chain 108
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_cver=1&google_push=AXcoOmTCnq7C50WOvi_sN-87rgxyzHctq9dL66jVzC3ugBgcS7bXnv45nBvDWTVief5NR8gzgiVPLsQ_TO-qQyDyodd7F-AEvPxNAl1P3uGKpdIW1yC41SPQDZgXOnrqZi3ZJRp7sULlsHQc7LbITMkP8IpU3Qo HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=49fdd97883951560&is_secure=true&networkId=14000&version=1&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_cver=1&google_push=AXcoOmTCnq7C50WOvi_sN-87rgxyzHctq9dL66jVzC3ugBgcS7bXnv45nBvDWTVief5NR8gzgiVPLsQ_TO-qQyDyodd7F-AEvPxNAl1P3uGKpdIW1yC41SPQDZgXOnrqZi3ZJRp7sULlsHQc7LbITMkP8IpU3Qo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF5e38dPtO5AMZLSiMAAAAAAA&expiration=1706043155&google_cver=1&is_secure=true&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_push=AXcoOmTCnq7C50WOvi_sN-87rgxyzHctq9dL66jVzC3ugBgcS7bXnv45nBvDWTVief5NR8gzgiVPLsQ_TO-qQyDyodd7F-AEvPxNAl1P3uGKpdIW1yC41SPQDZgXOnrqZi3ZJRp7sULlsHQc7LbITMkP8IpU3Qo
Request Chain 109
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESED8aDIkT6RG4vSInipKFp2k&google_cver=1&google_push=AXcoOmR_lhbPAMlwLZmfCj5Z2d8DyaKX9kPLoGXell-o8A3KU38J5zh9xOcyxfLuEWvep6hPKtWRBoL2Qv-nD4fsuQehCF875-MMYiNga5c3u5zWQKjVGAbM80cu3AC8FquDfj21bO0S8bWfIBi5JFrRe3JWlg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmR_lhbPAMlwLZmfCj5Z2d8DyaKX9kPLoGXell-o8A3KU38J5zh9xOcyxfLuEWvep6hPKtWRBoL2Qv-nD4fsuQehCF875-MMYiNga5c3u5zWQKjVGAbM80cu3AC8FquDfj21bO0S8bWfIBi5JFrRe3JWlg&google_hm=UjM1Q0FCXzEwRkI0OUQxN183Q0JBMUVFNg%3D%3D
Request Chain 110
  • https://um.simpli.fi/gp_match?google_gid=CAESEJb7yaeQf7BJrENEOpyBUOU&google_cver=1&google_push=AXcoOmTvs94TxcUEHBhFl1YahhF5tqfKZ4o9yYuDvEJmIP-SjFd4U2oHCvbs6ViMJhpM_rSP88J2_zETnPknTYPy4LmbDtMq5EkNNp_TOTQ1HTomBdw8t8-hDG3i7l76RG_-AGIZ1h9JP8ZVaIb0lWhr_dGvdeE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=059F7CBC273B40F5AF2B0F8C7F87EBF9&google_push=AXcoOmTvs94TxcUEHBhFl1YahhF5tqfKZ4o9yYuDvEJmIP-SjFd4U2oHCvbs6ViMJhpM_rSP88J2_zETnPknTYPy4LmbDtMq5EkNNp_TOTQ1HTomBdw8t8-hDG3i7l76RG_-AGIZ1h9JP8ZVaIb0lWhr_dGvdeE
Request Chain 111
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF18E7s2TDXqQZV59rDA0vY&google_cver=1&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1GKsS9Tsktbqb-M-CrD0fLgfKQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF18E7s2TDXqQZV59rDA0vY&google_cver=1&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1GKsS9Tsktbqb-M-CrD0fLgfKQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1GKsS9Tsktbqb-M-CrD0fLgfKQ&google_hm=UN8rk3mMR5Cnyg2k48_nFA==
Request Chain 113
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPfyTx9RIgq5bQZZb5YGPOE&google_cver=1&google_push=AXcoOmSYs8yZ4V8RXH371TrsG518s01WRVWZ5GHKqtFyuSRRr_iSwXa8SOLqM2BVuWISjs6Hcv9MdGqn_cJe7iXCh5ft2fVPtM9S_jEpJdylPufdcYXRGf_uGn6P119ZH6NGPPGRC0jtNTJropDehlF0PpheQA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwNzkzODM4MDUxNDE2NDQzNDA&google_push=AXcoOmSYs8yZ4V8RXH371TrsG518s01WRVWZ5GHKqtFyuSRRr_iSwXa8SOLqM2BVuWISjs6Hcv9MdGqn_cJe7iXCh5ft2fVPtM9S_jEpJdylPufdcYXRGf_uGn6P119ZH6NGPPGRC0jtNTJropDehlF0PpheQA
Request Chain 114
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEK4Cx2Cl73IxDukY9djMCtQ&google_cver=1&google_push=AXcoOmRryiGwA_NEnxChYjvOakVQ7k4tlOzb7jrPoaV5A6SvQ_CeW2cHSellGY4sM-w9Q3AYrxyUFOddRWG8r5WwH3Wr5eR-2QvmuEjyGvhjFlVjj7KsqjUOGLthCInR9L--GgW0jU_3FAyeYDZBONTq0UOuWOQ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRryiGwA_NEnxChYjvOakVQ7k4tlOzb7jrPoaV5A6SvQ_CeW2cHSellGY4sM-w9Q3AYrxyUFOddRWG8r5WwH3Wr5eR-2QvmuEjyGvhjFlVjj7KsqjUOGLthCInR9L--GgW0jU_3FAyeYDZBONTq0UOuWOQ0&google_hm=09dd4f7e893ec3b02ayp0a00lrpelsnp
Request Chain 116
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 117
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
  • https://osak.com/de/y?t=theproteinworks.com&cid=55709c973449ebedd48a6f5e06db5ec44e766071f4b50a4c82672b98135e3a96&identifier=ffb8ec33b6373269 HTTP 302
  • https://osak.com/de/search/theproteinworks.com
Request Chain 118
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CJWzfkdWuZa_eN-DW_tMP8Ju0EMaWprN138G56OERmaKQ0Z4wEAEgq4LnnwFgyYaAgNyjxBCgAaXavooDyAEBqAMByAPLBKoEngJP0CelaY8Eer97K87HWvfIhdu8TL_1uRRBZU_cUwqhFYRE9R04rSBHCKv2KhJdAAAzFjbnkK0-n614vNS7VzXWK8xejRmLUsXAFz1Tlu2847ZEwdPPkwTaqirMyi85cqfi5eHI2AqrzxH9tFwAjAAvlsSWlJ-bXNjMrDGdtc7WI3aFZtFJy8XVpIk5b8Swd7eZ7TBy1NjmkgTlbqn8D73tMpJ401jsS936Xy6UEpTnXIUBpvzHeTdCy4J0XZ9RKu1cAQM4po9Z8wTsofQmw-ChWnAdUkJQNMENPkRIQYhBy8mik4_ygvAPLauuUwTtbztngh529FfbqJ0rEJ7V6Kgg2PB1CAgUzW-q9uzueFTxiZiLgoF52tYJgCFSYGV6wASRp8aXrAKIBfm1nOoDkgUECAQYAZIFBAgFGASAB42fhXeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDfvwLSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WLfLxJLw8YMDmgkmaHR0cHM6Ly93d3cuZnJlZS1wZGYtcHJvLmNvbS9scHMvcGRmdC-ACgHICwGiDAgqBgoErLqxAtoMEQoLEIC4wcvB_I7gzQESAgED2BMMiBQB0BUBgBcBshccChoIABIUcHViLTYwNjExOTU5OTA3Nzk3MTUYAA&sigh=2WIkdXdCe-I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_buR4wQYhsXdjIsgC7UYxiUVrLACrRSUVaGFiLdpBfb1i6nCihxNY5Ny-jo2aQYraXNuQfBUSNxgB&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xf6cc0a540cb018be0000000000000000%22,%224%22:%220xe061bedece48cb670000000000000000%22,%225%22:%220xa6f7fe590b178b900000000000000000%22},%22debug_key%22:%223289864306131208113%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215858113790860162065%22}&andc=true
Request Chain 123
  • https://r.secprf2.com/v1/redirect?url=https://theproteinworks.com&api_key=1b47e97a88219da5e2b7579710ac9d3a&site_id=9fb9a0578dd84fadbefee1f722b2995d&type=url&source=https://osak.com/de/search/theproteinworks.com&yk_tag=55709c973449ebedd48a6f5e06db5ec44e766071f4b50a4c82672b98135e3a96 HTTP 302
  • https://r.secprf2.com/v2/go?t=mtcps%3Ar%2Fwwi.twrne.to2%2FFw%25l3cs.thh%3Fpim%3Dc5k5si.%3Dw4%3D4f6rc%26i5k9eb%3D2wf.esfkbcam4cdi8k5ea2bv932430d152961c96a645b9889b546a69c169251d03423cvirkwe%263o9.baao5w8wd44eakbifcedf922b29751%26elecdrff8%3Ddw7.0s9kfc%3Dmfarcc%3Dl0%260301054927245f6883b4ff4b3886f5427294501030-0f%3D9f0r7cdl8%26fod.eaeo1w7w2f2r9cdlp%26e613w1wdo%26a3.7od%26m%3Dptppk%25iAc2a%25mFch1pioaewnwo%2Fks.toh&e=1&ai=46f64c6c57fd4506802ae28bc60c2d3a&sct=0&ct=1705956756607&cu=2c566685b9f84b348af94179955d1332&sr=1&ykuid=2e68db6a207e4952b84fb462526a12f0&sc=1&cs=9aed65055f31085da9c74e58a71f0609 HTTP 302
  • https://www.awin1.com/awclick.php?mid=7535&id=143466&clickref=www.osak.com&clickref2=v0304000142262c566685b9f84b348af94179955d1332&clickref3=9fb9a0578dd84fadbefee1f722b2995d&clickref4=www.osak.com&awcr=v0304000142262c566685b9f84b348af94179955d1332-9fb9a0578dd84fadbefee1f722b2995d&pref1=www.osak.com&p=https%3A%2F%2Ftheproteinworks.com HTTP 302
  • https://theproteinworks.com/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks HTTP 301
  • https://www.theproteinworks.com/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request adkar-sabah-%26-massa.htm
ledroitchemin.fr.gd/
Redirect Chain
  • http://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
  • https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
82 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
fr.gd
Software
nginx /
Resource Hash
56f1f9f221823d676b4df40f56c5d8a33fc9190908f4ad90d3a087a813e0a7bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-15
Date
Mon, 22 Jan 2024 20:52:32 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Via
1.1 varnish-v4
X-Varnish
81724661
X-wm-1
b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP
193.238.27.28
X-wm-req.backend
SitesGET
X-wm-req.backend.healthy
true
X-wm-req.restarts
0

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 22 Jan 2024 20:52:31 GMT
Location
https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Server
Varnish
X-Varnish
82258974
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6061195990779715&host=ca-host-pub-1483906849246906
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e5ac741fe027aea28050c4010f30747adee93203f02453d1c23838330092760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Origin
https://ledroitchemin.fr.gd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51307
x-xss-protection
0
server
cafe
etag
17223989941734465009
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 22 Jan 2024 20:52:32 GMT
navi_ende.gif
theme.webme.com/designs/iceblue/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/navi_ende.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
7447
Content-Type
image/gif
X-Varnish
63026517, 390620287 372731960
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3928
Expires
Mon, 04 Mar 2024 18:48:26 GMT
btn-get-tracks.gif
assets.myflashfetish.com/images/ 		0
0
btn-create.gif
assets.myflashfetish.com/images/ 		0
0
btn-get-ringtones.gif
assets.myflashfetish.com/images/ 		0
0
bT*xJmx*PTEyMjE1MDczMjM3NzMmcHQ9MTIyMTUwNzMzNTUwNyZwPTE4MDMxJmQ9Jm49Jmc9MSZ*PSZvPWExMzdhYzg4NDk4MTRhZjc5YmIxZTY2ZGZhMjgzMWY3.gif
counters.gigya.com/wildfire/IMP/CXNID=2000002.0NXC/ 		0
0
site.gif
www.monsitegratuit.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.monsitegratuit.com/site.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.120.94.1 , Japan, ASN10013 (FBDC FreeBit Co.,Ltd., JP),
Reverse DNS
usv0209.mfro-sv.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=
asrv205.com/adframe/ Frame 43A8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:cc74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34035a6aa28e76e9e97e65aef1c52179420c3984d522cf469266201492811c2

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
849aae674e5a31e4-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10vFd5HdIt07ruxZze%2FW2elt8DeKl1Xe4VGVa4cRI29EESzJZ9MUuIkWqTL4%2B7CZ0Nf%2Bx7pQ12UTzNoXWl5%2BFFtLt4f1Epo%2BTJqlvJW6L%2FCFPR%2BqjGEUA6CreFDw76zfj3nI3hCW%2BHOJ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
compteur_page.php
www.monsitegratuit.com/services/compteur_site_web/ 		0
0
mon_sondage.php
www.monsitegratuit.com/services/sondage/ 		0
0
countus.php3
countus1.editeurjavascript.com/ 		0
0
001.mp3
download.quran.islamway.com/quran3/21/ 		168 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://download.quran.islamway.com/quran3/21/001.mp3
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.52.116.68 , United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ledroitchemin.fr.gd/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-172031/172032
date
Mon, 22 Jan 2024 20:52:32 GMT
last-modified
Thu, 10 Jan 2008 12:13:17 GMT
server
nginx
etag
"47860bdd-2a000"
Content-Length
172032
content-type
audio/mpeg
header.jpg
theme.webme.com/designs/iceblue/images/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/header.jpg
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
65b3109b80ef8f7994efd40f25275b8dbce4660149bc2936adbc56c1e36bbc03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Wed, 23 Sep 2015 10:37:13 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
84786
Content-Type
image/jpeg
X-Varnish
1006109550, 389399292 378371976
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88414
Expires
Sun, 03 Mar 2024 21:19:26 GMT
navi_bg.gif
theme.webme.com/designs/iceblue/images/ 		227 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/navi_bg.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
8f7824da5a9cdc667ec975714bedab42352daf58677e873d040e9df5cdbb9a2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85109
Content-Type
image/gif
X-Varnish
1004036249, 390620291 377316827
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
227
Expires
Sun, 03 Mar 2024 21:14:03 GMT
heading_left.gif
theme.webme.com/designs/iceblue/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/heading_left.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
56a6152d9326de9839afdd8c20b6b2bd60bdef4eb4d555ad78a9c2255daeee11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85181
Content-Type
image/gif
X-Varnish
1002162528, 389399279 378828733
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2287
Expires
Sun, 03 Mar 2024 21:12:51 GMT
button.gif
theme.webme.com/designs/iceblue/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/button.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1e95756f86ee3f3ef1519b59621665005adb89e68ed17a71e858f15e6ecef4f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:32 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85140
Content-Type
image/gif
X-Varnish
1005529732, 390620254 378268148
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3589
Expires
Sun, 03 Mar 2024 21:13:32 GMT
cont_bg.gif
theme.webme.com/designs/iceblue/images/ 		552 B
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/cont_bg.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
4e61a7989142e9378a3fd73ba6d3e9e946915fe092486709c5e0310aa971113e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85172
Content-Type
image/gif
X-Varnish
1004356382, 391334570 379290153
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
552
Expires
Sun, 03 Mar 2024 21:13:00 GMT
cont_top.gif
theme.webme.com/designs/iceblue/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/cont_top.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
9e01d2b7642600d454ebf01b4e418f887f4b85c9a2ab9c0ce57bf55fef027f80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:32 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85170
Content-Type
image/gif
X-Varnish
1003088034, 390620256 378362484
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10115
Expires
Sun, 03 Mar 2024 21:13:02 GMT
cont2_bg.gif
theme.webme.com/designs/iceblue/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/cont2_bg.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
6cdf3901550c7719b61495c292937c90247faf7e0cfe3dd4bae4d1cc2241d8d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85170
Content-Type
image/gif
X-Varnish
1004671121, 390620258 378362481
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1414
Expires
Sun, 03 Mar 2024 21:13:02 GMT
cont_bottom.gif
theme.webme.com/designs/iceblue/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/cont_bottom.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
48800eee592f4caed4e2748342c4c6d809f1ef52026c7142a6e1bde27448a8f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85170
Content-Type
image/gif
X-Varnish
1001562793, 389399294 378477218
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2111
Expires
Sun, 03 Mar 2024 21:13:03 GMT
footer.gif
theme.webme.com/designs/iceblue/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/footer.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
8656359e042892b1ec966ecebd5e2f7a673f964ef1246aa7948c92f2ffbc3d02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85171
Content-Type
image/gif
X-Varnish
998660382, 391681772 377316137
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9546
Expires
Sun, 03 Mar 2024 21:13:02 GMT
rechts_bg2.gif
theme.webme.com/designs/iceblue/images/ 		794 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/rechts_bg2.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
ad23acf9743e6416ba3a601f2628804e84dd15509dbbbf3a04c2219b4637e166

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
6846
Content-Type
image/gif
X-Varnish
60795613, 389477806 384886794
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
794
Expires
Mon, 04 Mar 2024 18:58:26 GMT
heading_right.gif
theme.webme.com/designs/iceblue/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/heading_right.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
07e7abc2ce80b7293877943918f367f9452e714fa7d22d5ce084dd5e0e9d5976

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85170
Content-Type
image/gif
X-Varnish
1005528920, 389399275 377316168
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3175
Expires
Sun, 03 Mar 2024 21:13:02 GMT
shouty.gif
theme.webme.com/designs/iceblue/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/shouty.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
03cc273c212320a618d24f3c4cb324109b8985893971af708126ba1ba0b0020f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:32 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85410
Content-Type
image/gif
X-Varnish
1002123023, 364608357 378845573
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3330
Expires
Sun, 03 Mar 2024 21:09:02 GMT
poll_bottom_bg.gif
theme.webme.com/designs/iceblue/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/poll_bottom_bg.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1b3434bfd8278556bd3a3f171c4d15708a9136d41b4a531be40196a49a9de535

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:32 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85135
Content-Type
image/gif
X-Varnish
1005753202, 391334566 378209927
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1127
Expires
Sun, 03 Mar 2024 21:13:37 GMT
s_bg.gif
theme.webme.com/designs/iceblue/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.webme.com/designs/iceblue/images/s_bg.gif
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
4f5460dfd092fd9590362384eb00333f8b88fa1489703e21fb14271387baf063

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:33 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
85109
Content-Type
image/gif
X-Varnish
1001865074, 390620285 376828139
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6503
Expires
Sun, 03 Mar 2024 21:14:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 		402 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6061195990779715&host=ca-host-pub-1483906849246906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24a53ff70f313697545d9e69fbb238362b504f0ae456b2485534c3cc9a6036cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139573
x-xss-protection
0
server
cafe
etag
5644574162680877032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:52:32 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 83F9 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6061195990779715&host=ca-host-pub-1483906849246906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 19:59:32 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 19:59:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
link.html
track.webgains.com/ Frame 43A8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wglinkid=4576678&wgcampaignid=1700378
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.201.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-201-144.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
2d4dd43449743e5897874900e94abbd02f16d5af1355b24c816b8e413cac7ad0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://asrv205.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:33 GMT
last-modified
Mon, 22 Jan 2024 20:52:33 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 22 Jan 2024 20:53:33 GMT
eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN...
fwdtrk.com/track/ Frame 7AB8 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNTk1Njc1Mn0%3D
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.183.9.176.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 20:52:33 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
ads
googleads.g.doubleclick.net/pagead/ Frame 7F37 		521 KB
101 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&adk=1812271804&adf=3025194257&lmt=1705956752&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_r&format=0x0&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956752506&bpp=6&bdt=284&idt=383&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3008124104731&frm=20&pv=2&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=403
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab57fe6b1c7f9e7b5abeea7b2394863d0576747765b1088a8f6a49513499a9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
103327
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:52:33 GMT
expires
Mon, 22 Jan 2024 20:52:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
fwd.fwdtrk.com/ Frame 7AB8 		0
0
d
visifeed.org/ Frame 890D 		405 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTQsImNyZWF0aXZlX2lkIjoyMywicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNTk1Njc1Mn0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
6c32315caa8ee83308e5a385dc03eb2cbf1a2dae6d9dc84fc5c9ae93b8e085f8

Request headers

Referer
https://fwdtrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 20:52:33 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
730bf2c12f90e78d53b2dc9f2b16e6ec862c7f46df20425fe0b0c6a02f32b07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56320
x-xss-protection
0
server
cafe
etag
9983978064141640465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:52:33 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0221 		130 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e90b6c7eea06fa8e051dcd5b426c8f488cf1c7cd03780eb4517857d16959cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45054
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:52:34 GMT
expires
Mon, 22 Jan 2024 20:52:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&hl=ar&pvc=4199329155525931
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ledroitchemin.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
visifeed.org/ Frame 890D 		410 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f82&ci=yC%5Bx%2FPt%40&its=9F%5Bt%2ALp5e6bB%7CQD%3BzhPWbUZ&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
0a36f89d3e2086438c170c20015c8dfffba756cd290183f2e532a019a0820a7e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 20:52:33 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 8E62 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9386
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:16:07 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 18:16:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 381E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9386
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:16:07 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 18:16:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame E4FF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledroitchemin.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9386
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 18:16:07 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 18:16:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 8E62 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 19:24:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 20:52:34 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E62 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 15:47:12 GMT
x-content-type-options
nosniff
age
18322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 21 Jan 2025 15:47:12 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E62 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 14:36:27 GMT
x-content-type-options
nosniff
age
22567
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 21 Jan 2025 14:36:27 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 8E62 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
85923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 21:00:31 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 8E62 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:12:09 GMT
css
fonts.googleapis.com/ Frame 381E 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 20:09:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 20:52:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 381E 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:58:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 381E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:32:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 381E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
12341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:26:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 381E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:45:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 381E 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:52:34 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 381E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 13:31:41 GMT
d
visifeed.org/ Frame F83D 		347 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&ci=yC%5Bx%2FPt%40&its=9F%5Bt%2ALp5e6bB%7CQD%3BzhPWbUZ&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f82&ci=yC%5Bx%2FPt%40&its=9F%5Bt%2ALp5e6bB%7CQD%3BzhPWbUZ&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
16d41bea3097b358bf8e297ea85bf49dda3b2ef3748c22d1edf1b5df0fcb7b4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 20:52:34 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
css
fonts.googleapis.com/ Frame E4FF 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 20:14:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 20:52:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E4FF 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:58:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E4FF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:32:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E4FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
12341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:26:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E4FF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:45:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E4FF 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:52:34 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame E4FF 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 13:31:41 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/16883522068616959169/ Frame E4FF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16883522068616959169/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
848fc58cd57b79d099da18e206bfec450187f6c55b9e772a4101517641994d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 12:05:04 GMT
date
Sun, 21 Jan 2024 12:05:04 GMT
x-content-type-options
nosniff
age
118050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12665
x-xss-protection
0
last-modified
Sun, 01 May 2022 18:40:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3476445066299407086
tpc.googlesyndication.com/simgad/7332583830759276723/ Frame E4FF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7332583830759276723/3476445066299407086?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5232256c08fd93a7f63f1ae70588f36265a52a56f54b65866b62ff2089939a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 11:19:43 GMT
date
Mon, 22 Jan 2024 11:19:43 GMT
x-content-type-options
nosniff
age
34371
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2493
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:52:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
css
fonts.googleapis.com/ Frame A014 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 19:53:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 20:52:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A014 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:58:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame A014 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:32:24 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AF63 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:39:19 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A014 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
12341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:26:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A014 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:45:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A014 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:52:34 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame A014 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 13:31:41 GMT
redirect
api.yieldads.net/ Frame F83D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&ci=yC%5Bx%2FPt%40&its=9F%5Bt%2ALp5e6bB%7CQD%3BzhPWbUZ&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/8.2.14
Resource Hash
730762be523c086126791a00b65689747f55ea311ab2d029a11ac89858fdfd9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:34 GMT
server
nginx
x-powered-by
PHP/8.2.14
truncated
/ Frame E4FF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9324f380d695809802909e62bb615cc6ccadf645a26c280cb81d762a4d733d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4FF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:29:53 GMT
x-content-type-options
nosniff
age
346961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:29:53 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4FF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:29:44 GMT
x-content-type-options
nosniff
age
346970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:29:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4FF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:24:48 GMT
x-content-type-options
nosniff
age
347266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:24:48 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame E4FF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CchbfkNWuZbyfPPLd_tMP1riQ2AnD1I7idO-_uejhEfGhkNGeMBABIKuC558BYMmGgIDco8QQoAGl2r6KA8gBCagDAcgDywSqBJ4CT9BwXnq0grJ4KvX_4h1bIVz8JJizwgOVOfutwMFe6K3...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xfefcf4...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xfefcf4211a6363750000000000000000%22,%224%22:%220xb8f075f42374ad200000000000000000%22,%225%22:%220xa6f7fe590b178b900000000000000000%22},%22debug_key%22:%222262267932088086208%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210483552982452467537%22}&andc=true
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x6951ad7aad0220f70000000000000000","2":"0xc9caa4d4d80465e00000000000000000","3":"0xfefcf4211a6363750000000000000000","4":"0xb8f075f42374ad200000000000000000","5":"0xa6f7fe590b178b900000000000000000"},"debug_key":"2262267932088086208","debug_reporting":true,"destination":"https://free-pdf-pro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827305253"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"10483552982452467537"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 20:52:34 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 20:52:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6951ad7aad0220f70000000000000000","2":"0xc9caa4d4d80465e00000000000000000","3":"0xfefcf4211a6363750000000000000000","4":"0xb8f075f42374ad200000000000000000","5":"0xa6f7fe590b178b900000000000000000"},"debug_key":"2262267932088086208","debug_reporting":true,"destination":"https://free-pdf-pro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827305253"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"10483552982452467537"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame DCD6 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
56340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 05:13:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 381E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20240118&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8223609614702828466
tpc.googlesyndication.com/gpa_images/simgad/ Frame 381E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/8223609614702828466?w=200&h=200&tw=1&q=75
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2b817cbad38f8b90df6b6a40e0e597c84b3b67d020676012270b2f17c0ec45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 17:59:24 GMT
date
Mon, 22 Jan 2024 17:59:24 GMT
x-content-type-options
nosniff
age
10390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7990
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:55:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3962671960383864992
tpc.googlesyndication.com/gpa_images/simgad/ Frame 381E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/3962671960383864992?w=200&h=200&tw=1&q=75
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca18c6f5748520eac003b6d921a6b5c3577391d169d01bca726babe18f90888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 19:17:30 GMT
date
Mon, 22 Jan 2024 19:17:30 GMT
x-content-type-options
nosniff
age
5704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10059
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 14:17:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
167378229113677066
tpc.googlesyndication.com/gpa_images/simgad/ Frame 381E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/167378229113677066?w=200&h=200&tw=1&q=75
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7bee82564eac9cb1edda1dabbbc7075ca8b498ef1644e00c2cc2a3f388adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 19:21:13 GMT
date
Mon, 22 Jan 2024 19:21:13 GMT
x-content-type-options
nosniff
age
5481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7604
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 14:40:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3924125642834448992
tpc.googlesyndication.com/simgad/ Frame 381E
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqq4ObwwEQsAkYsAkyCLECC0Vlv8IN
  • https://tpc.googlesyndication.com/simgad/3924125642834448992
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3924125642834448992
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 17:40:16 GMT
date
Fri, 19 Jan 2024 17:40:16 GMT
x-content-type-options
nosniff
age
270738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Sat, 08 Apr 2023 13:35:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Mon, 22 Jan 2024 20:29:44 GMT
x-content-type-options
nosniff
server
cafe
age
1370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3924125642834448992
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 21 Feb 2024 20:29:44 GMT
truncated
/ Frame 381E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a584e73e9ee86dcec15b00cf40b974fbcda9a369be69dbc10b3b5d13d7e65dc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 381E 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:17:04 GMT
x-content-type-options
nosniff
age
347730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:17:04 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 381E 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:17:05 GMT
x-content-type-options
nosniff
age
347729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:17:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AF63
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:52:34 GMT
expires
Mon, 22 Jan 2024 20:52:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:52:34 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 7F08 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
56340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 05:13:34 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 7424 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
56340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 05:13:34 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xfefcf4211a6363750000000000000000%22,%224%22:%220xb8f075f42374ad200000000000000000%22,%225%22:%220xa6f7fe590b178b900000000000000000%22},%22debug_key%22:%222262267932088086208%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210483552982452467537%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 381E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwOVpkNWuZbufPPLd_tMP1riQ2Anh5Nu6dY-wu6S6EpiHjv_WCBABIKuC558BYMmGgIDco8QQoAGhwJjxKMgBCagDAcgDywSqBJUCT9D6JYAdIKCI7mXs7ZGCxmNXT6u3gdz_b4nHrXyeJkf...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5e120d21db96c4550000000000000000%22,%222%22:%220xc1fd81c3257849eb0000000000000000%22,%223%22:%220xc7ff11...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5e120d21db96c4550000000000000000%22,%222%22:%220xc1fd81c3257849eb0000000000000000%22,%223%22:%220xc7ff11d2981ac32c0000000000000000%22,%224%22:%220xe1d69247b5ddb8f30000000000000000%22,%225%22:%220xdc26591865df7fba0000000000000000%22},%22debug_key%22:%2212909376925742512627%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22581914304466114081%22}&andc=true
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x5e120d21db96c4550000000000000000","2":"0xc1fd81c3257849eb0000000000000000","3":"0xc7ff11d2981ac32c0000000000000000","4":"0xe1d69247b5ddb8f30000000000000000","5":"0xdc26591865df7fba0000000000000000"},"debug_key":"12909376925742512627","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"581914304466114081"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 20:52:34 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 20:52:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5e120d21db96c4550000000000000000","2":"0xc1fd81c3257849eb0000000000000000","3":"0xc7ff11d2981ac32c0000000000000000","4":"0xe1d69247b5ddb8f30000000000000000","5":"0xdc26591865df7fba0000000000000000"},"debug_key":"12909376925742512627","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"581914304466114081"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 0221 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 11:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 11:20:01 GMT
24c99e14925e42e286b16c1a5d25afd8.js
www.gstatic.com/mysidia/ Frame 0221 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/24c99e14925e42e286b16c1a5d25afd8.js?tag=text/vanilla_highlight_ms_cta_adjustment
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4917
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 13:16:20 GMT
css
fonts.googleapis.com/ Frame 0221 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 19:09:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 20:52:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0221 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:58:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 0221 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:32:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:32:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0221 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
12341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:26:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0221 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 20:45:05 GMT
l
www.google.com/ads/measurement/ Frame 0221 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTN-3-Znzo76i81D-xv6vqmWv_xrppUZbQRu7zs11BD68pZ3ZlYo5MLd3ppkmqFtF2_hD6NCXwfnNeFcUjTS3vOKJm6xA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0221 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:52:34 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 0221 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 13:31:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5e120d21db96c4550000000000000000%22,%222%22:%220xc1fd81c3257849eb0000000000000000%22,%223%22:%220xc7ff11d2981ac32c0000000000000000%22,%224%22:%220xe1d69247b5ddb8f30000000000000000%22,%225%22:%220xdc26591865df7fba0000000000000000%22},%22debug_key%22:%2212909376925742512627%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22581914304466114081%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fp.min.js
api.yieldads.net/js/ Frame F83D 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.yieldads.net/js/fp.min.js
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
content-encoding
gzip
last-modified
Tue, 16 Jan 2024 10:12:10 GMT
server
nginx
etag
W/"65a6567a-864c"
content-type
application/javascript
14763004658117789537
tpc.googlesyndication.com/simgad/7332583830759276723/ Frame 0221 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7332583830759276723/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9eb65ab498b4f0205bb9ec91436a230b81c2e0e1333d97191c4eb82d9aca0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 20:40:22 GMT
date
Thu, 18 Jan 2024 20:40:22 GMT
x-content-type-options
nosniff
age
346332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 01:25:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2BDB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:39:19 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8080 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
39628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 09:52:06 GMT
etag
48472445140208031
expires
Tue, 23 Jan 2024 09:52:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0221 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91d6634f50ec59c420b7f23ed8726114e3dcc83a7c553556c6758abfdb47b6a3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0221 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 17:26:53 GMT
x-content-type-options
nosniff
age
271541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 17:26:53 GMT
pixel
cm.g.doubleclick.net/ Frame 8080
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_cver=1&google_push=AXcoOmTCnq7C50WOvi_sN-87rgxyzHctq9dL66jVzC3ugBgcS7bXnv4...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=49fdd97883951560&is_secure=true&networkId=14000&version=1&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_cver=1&google_push=AXcoOmTCnq7C...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF5e38dPtO5AMZLSiMAAAAAAA&expiration=1706043155&google_cver=1&is_secure=true&google_gid=CAESEN91_57CU38qETfD3eIh5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF5e38dPtO5AMZLSiMAAAAAAA&expiration=1706043155&google_cver=1&is_secure=true&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_push=AXcoOmTCnq7C50WOvi_sN-87rgxyzHctq9dL66jVzC3ugBgcS7bXnv45nBvDWTVief5NR8gzgiVPLsQ_TO-qQyDyodd7F-AEvPxNAl1P3uGKpdIW1yC41SPQDZgXOnrqZi3ZJRp7sULlsHQc7LbITMkP8IpU3Qo
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF5e38dPtO5AMZLSiMAAAAAAA&expiration=1706043155&google_cver=1&is_secure=true&google_gid=CAESEN91_57CU38qETfD3eIh5fo&google_push=AXcoOmTCnq7C50WOvi_sN-87rgxyzHctq9dL66jVzC3ugBgcS7bXnv45nBvDWTVief5NR8gzgiVPLsQ_TO-qQyDyodd7F-AEvPxNAl1P3uGKpdIW1yC41SPQDZgXOnrqZi3ZJRp7sULlsHQc7LbITMkP8IpU3Qo
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 8080
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESED8aDIkT6RG4vSInipKFp2k&google_cver=1&google_push=AXcoOmR_lhbPAMlwLZmfCj5Z2d8DyaKX9kPLoGXell-o8A3KU38J5zh9xOcyxfLuEWvep6hPKtWRBoL2Qv-nD4fsuQehCF875-MM...
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmR_lhbPAMlwLZmfCj5Z2d8DyaKX9kPLoGXell-o8A3KU38J5zh9xOcyxfLuEWvep6hPKtWRBoL2Qv-nD4fsuQehCF875-MMYiNga5c3u5zWQKjVGAbM80cu3AC...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmR_lhbPAMlwLZmfCj5Z2d8DyaKX9kPLoGXell-o8A3KU38J5zh9xOcyxfLuEWvep6hPKtWRBoL2Qv-nD4fsuQehCF875-MMYiNga5c3u5zWQKjVGAbM80cu3AC8FquDfj21bO0S8bWfIBi5JFrRe3JWlg&google_hm=UjM1Q0FCXzEwRkI0OUQxN183Q0JBMUVFNg%3D%3D
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmR_lhbPAMlwLZmfCj5Z2d8DyaKX9kPLoGXell-o8A3KU38J5zh9xOcyxfLuEWvep6hPKtWRBoL2Qv-nD4fsuQehCF875-MMYiNga5c3u5zWQKjVGAbM80cu3AC8FquDfj21bO0S8bWfIBi5JFrRe3JWlg&google_hm=UjM1Q0FCXzEwRkI0OUQxN183Q0JBMUVFNg%3D%3D
Date
Mon, 22 Jan 2024 20:52:34 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-388961555; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
404
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 8080
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJb7yaeQf7BJrENEOpyBUOU&google_cver=1&google_push=AXcoOmTvs94TxcUEHBhFl1YahhF5tqfKZ4o9yYuDvEJmIP-SjFd4U2oHCvbs6ViMJhpM_rSP88J2_zETnPknTYPy4LmbDtMq5EkNNp...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=059F7CBC273B40F5AF2B0F8C7F87EBF9&google_push=AXcoOmTvs94TxcUEHBhFl1YahhF5tqfKZ4o9yYuDvEJmIP-SjFd4U2oHCvbs6ViMJhpM_rSP88J2_zETnPknTYP...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=059F7CBC273B40F5AF2B0F8C7F87EBF9&google_push=AXcoOmTvs94TxcUEHBhFl1YahhF5tqfKZ4o9yYuDvEJmIP-SjFd4U2oHCvbs6ViMJhpM_rSP88J2_zETnPknTYPy4LmbDtMq5EkNNp_TOTQ1HTomBdw8t8-hDG3i7l76RG_-AGIZ1h9JP8ZVaIb0lWhr_dGvdeE
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 Jan 2024 20:52:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=059F7CBC273B40F5AF2B0F8C7F87EBF9&google_push=AXcoOmTvs94TxcUEHBhFl1YahhF5tqfKZ4o9yYuDvEJmIP-SjFd4U2oHCvbs6ViMJhpM_rSP88J2_zETnPknTYPy4LmbDtMq5EkNNp_TOTQ1HTomBdw8t8-hDG3i7l76RG_-AGIZ1h9JP8ZVaIb0lWhr_dGvdeE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 Jan 2024 20:52:34 GMT
pixel
cm.g.doubleclick.net/ Frame 8080
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF18E7s2TDXqQZV59rDA0vY&google_cver=1&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8Kccy...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF18E7s2TDXqQZV59rDA0vY&google_cver=1&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKy...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1GKsS9Tsktbqb-M-CrD0fLgfKQ&google_hm=UN8rk3mMR5Cnyg2k48_nFA==
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1GKsS9Tsktbqb-M-CrD0fLgfKQ&google_hm=UN8rk3mMR5Cnyg2k48_nFA==
Date
Mon, 22 Jan 2024 20:52:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame 8080 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEKR7kABIMO0YmaxSr8TZBB0&google_cver=1&google_push=AXcoOmS1MryB5dANvg0CvzCkkvdOt5r8AyPcfS5KTgwZcKRhrvl6e57ekTr3aI5wWWI47WaxTPrXgoE2GVxzMoK_1PqVh-Q-hZRa5P6k4JqAauHb3lVEzloPJz537HEHFkw22Sceqm5a3aGv1MdbuQQ2WNNYSK4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 20:52:35 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 8080
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPfyTx9RIgq5bQZZb5YGPOE&google_cver=1&google_push=AXcoOmSYs8yZ4V8RXH371TrsG518s01WRVWZ5GHKqtFyuSRRr_iSwXa8SOLqM2BVuWISjs6Hcv9MdGqn_cJe7iXCh5...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwNzkzODM4MDUxNDE2NDQzNDA&google_push=AXcoOmSYs8yZ4V8RXH371TrsG518s01WRVWZ5GHKqtFyuSRRr_iSwXa8SOLqM2BVuWISjs6Hcv9MdGqn_cJe7iXCh5ft...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwNzkzODM4MDUxNDE2NDQzNDA&google_push=AXcoOmSYs8yZ4V8RXH371TrsG518s01WRVWZ5GHKqtFyuSRRr_iSwXa8SOLqM2BVuWISjs6Hcv9MdGqn_cJe7iXCh5ft2fVPtM9S_jEpJdylPufdcYXRGf_uGn6P119ZH6NGPPGRC0jtNTJropDehlF0PpheQA
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMwNzkzODM4MDUxNDE2NDQzNDA&google_push=AXcoOmSYs8yZ4V8RXH371TrsG518s01WRVWZ5GHKqtFyuSRRr_iSwXa8SOLqM2BVuWISjs6Hcv9MdGqn_cJe7iXCh5ft2fVPtM9S_jEpJdylPufdcYXRGf_uGn6P119ZH6NGPPGRC0jtNTJropDehlF0PpheQA
Date
Mon, 22 Jan 2024 20:52:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8080
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEK4Cx2Cl73IxDukY9djMCtQ&google_cver=1&google_push=AXcoOmRryiGwA_NEnxChYjvOakVQ7k4tlOzb7jrPoaV5A6SvQ_CeW2cHSellGY4sM-w9Q3AYrxyUFOddRWG8r5WwH3Wr5...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRryiGwA_NEnxChYjvOakVQ7k4tlOzb7jrPoaV5A6SvQ_CeW2cHSellGY4sM-w9Q3AYrxyUFOddRWG8r5WwH3Wr5eR-2QvmuEjyGvhjFlVjj7KsqjUOGLthC...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRryiGwA_NEnxChYjvOakVQ7k4tlOzb7jrPoaV5A6SvQ_CeW2cHSellGY4sM-w9Q3AYrxyUFOddRWG8r5WwH3Wr5eR-2QvmuEjyGvhjFlVjj7KsqjUOGLthCInR9L--GgW0jU_3FAyeYDZBONTq0UOuWOQ0&google_hm=09dd4f7e893ec3b02ayp0a00lrpelsnp
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H2
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 Jan 2024 20:52:35 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRryiGwA_NEnxChYjvOakVQ7k4tlOzb7jrPoaV5A6SvQ_CeW2cHSellGY4sM-w9Q3AYrxyUFOddRWG8r5WwH3Wr5eR-2QvmuEjyGvhjFlVjj7KsqjUOGLthCInR9L--GgW0jU_3FAyeYDZBONTq0UOuWOQ0&google_hm=09dd4f7e893ec3b02ayp0a00lrpelsnp
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame 8080 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJuXavTiDFjSO_faBouzIMf4fBM-J23kShFQnel3morMbgG1b4RVPDSVNQjN1MUHV7fXrKmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2BDB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:52:34 GMT
expires
Mon, 22 Jan 2024 20:52:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:52:34 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
theproteinworks.com
osak.com/de/search/ Frame F83D
Redirect Chain
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
  • https://osak.com/de/y?t=theproteinworks.com&cid=55709c973449ebedd48a6f5e06db5ec44e766071f4b50a4c82672b98135e3a96&identifier=ffb8ec33b6373269
  • https://osak.com/de/search/theproteinworks.com
540 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://osak.com/de/search/theproteinworks.com
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.224.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-224-252.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
b88980cc95bb0b5fadba4ec665e899e8b53a54dbfd5811311ce31e6056fd1664

Request headers

Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=f96ab7dd91455d01d74da495a5c6ed3d1594f6b0afd498dc06d2961a25ca6f00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://osak.com/de/search/theproteinworks.com
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33
/
www.googleadservices.com/pagead/ar-adview/ Frame 0221
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CJWzfkdWuZa_eN-DW_tMP8Ju0EMaWprN138G56OERmaKQ0Z4wEAEgq4LnnwFgyYaAgNyjxBCgAaXavooDyAEBqAMByAPLBKoEngJP0CelaY8Eer97K87HWvfIhdu8TL_1uRRBZU_cUwqhFYR...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xf6cc0a...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xf6cc0a540cb018be0000000000000000%22,%224%22:%220xe061bedece48cb670000000000000000%22,%225%22:%220xa6f7fe590b178b900000000000000000%22},%22debug_key%22:%223289864306131208113%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215858113790860162065%22}&andc=true
Requested by
Host: ledroitchemin.fr.gd
URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:52:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x6951ad7aad0220f70000000000000000","2":"0xc9caa4d4d80465e00000000000000000","3":"0xf6cc0a540cb018be0000000000000000","4":"0xe061bedece48cb670000000000000000","5":"0xa6f7fe590b178b900000000000000000"},"debug_key":"3289864306131208113","debug_reporting":true,"destination":"https://free-pdf-pro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827305253"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"15858113790860162065"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 20:52:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 20:52:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6951ad7aad0220f70000000000000000","2":"0xc9caa4d4d80465e00000000000000000","3":"0xf6cc0a540cb018be0000000000000000","4":"0xe061bedece48cb670000000000000000","5":"0xa6f7fe590b178b900000000000000000"},"debug_key":"3289864306131208113","debug_reporting":true,"destination":"https://free-pdf-pro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827305253"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"15858113790860162065"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 0B9F 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6061195990779715&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705956753&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fledroitchemin.fr.gd%2Fadkar-sabah-%2526-massa.htm&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705956753830&bpp=1&bdt=1607&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3008124104731&frm=20&pv=1&ga_vid=994717446.1705956753&ga_sid=1705956753&ga_hid=1002818906&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C42532523%2C95321627%2C95322164&oid=2&pvsid=4199329155525931&tmod=2049476268&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
56341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 05:13:34 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6951ad7aad0220f70000000000000000%22,%222%22:%220xc9caa4d4d80465e00000000000000000%22,%223%22:%220xf6cc0a540cb018be0000000000000000%22,%224%22:%220xe061bedece48cb670000000000000000%22,%225%22:%220xa6f7fe590b178b900000000000000000%22},%22debug_key%22:%223289864306131208113%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215858113790860162065%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 20:52:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E4FF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHpbgK3udFvXrwOZLyoekYaDEvnhhp1kNNANF0yDmgsOWP0OJO4HJjJUCauZjfdq9nEYpWF9P42IFeU-yaJ4B6t1Xk6_8DiyC6FHb0wqhC27SZLzw1JSeYhKdJMcRJDCG6xYQqJOfKGceyMoLGseAHF7Wy&sai=AMfl-YTqBb5zBchdnQ9-go1GbibgOGkmferd_rMFWcji6v7FeUKreE_oijEqGXJvKhv89Rxpl4iaD95BqL_MdEW6eFwUji_Q1XxmxxJimUv9aGacgoBGc0i0Eb8Dkj2HV6s0FkYvqHVrcMP0hylq6i7f&sig=Cg0ArKJSzIMjMSlyfyIBEAE&cid=CAQSTgAvHhf_Sq6YeRl9-g3xLudnd-YcovUBnDK7aSm_kocdXMlYNBv3TuZTJRZf1X9v3RleasedMLmRyUuctYjU7X32TtnWJEtDw51mFumdVxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=175,816,1000,1000,1000&tos=175,641,184,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705956753953&rpt=447&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 381E 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqB723qtswQMABUJMSI9ddHOozOXb8y9uyNk6c2R21foW7lCBXmHK3HlRXhHI-HvdGlGQRnFwtGbjXmgH5s8pWoduyYyLd5443fcLpoJnz_6g6RUpjlKJe2ckY2ujnZRSpBrJq8hxjkzC309X3tqxCDLcn&sai=AMfl-YTTx9MBIDjkuN-TZO6x56xRDPfzKap_bOAAiQ_zTTTG7mZUpEuEnf_nAghHiMDzBuVTclfC6U1aPcjKR60e9r_-FVJUTxHVO5YqYRdqUmzQErWnCYLLGFnNG6_cQyBZfL3snF3Z-0poFzUoG2gs&sig=Cg0ArKJSzLO063xo4rn3EAE&cid=CAQSTgAvHhf_Sq6YeRl9-g3xLudnd-YcovUBnDK7aSm_kocdXMlYNBv3TuZTJRZf1X9v3RleasedMLmRyUuctYjU7X32TtnWJEtDw51mFumdVxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705956753951&rpt=530&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 20:52:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.theproteinworks.com/ Frame F83D
Redirect Chain
  • https://r.secprf2.com/v1/redirect?url=https://theproteinworks.com&api_key=1b47e97a88219da5e2b7579710ac9d3a&site_id=9fb9a0578dd84fadbefee1f722b2995d&type=url&source=https://osak.com/de/search/thepro...
  • https://r.secprf2.com/v2/go?t=mtcps%3Ar%2Fwwi.twrne.to2%2FFw%25l3cs.thh%3Fpim%3Dc5k5si.%3Dw4%3D4f6rc%26i5k9eb%3D2wf.esfkbcam4cdi8k5ea2bv932430d152961c96a645b9889b546a69c169251d03423cvirkwe%263o9.ba...
  • https://www.awin1.com/awclick.php?mid=7535&id=143466&clickref=www.osak.com&clickref2=v0304000142262c566685b9f84b348af94179955d1332&clickref3=9fb9a0578dd84fadbefee1f722b2995d&clickref4=www.osak.com&...
  • https://theproteinworks.com/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks
  • https://www.theproteinworks.com/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theproteinworks.com/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks
Requested by
Host: osak.com
URL: https://osak.com/de/search/theproteinworks.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:174c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://osak.com/de/search/theproteinworks.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
849aae8a0c068d97-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 20:52:39 GMT
expires
-1
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
849aae86bf588d97-MIA
content-type
text/html
date
Mon, 22 Jan 2024 20:52:38 GMT
location
https://www.theproteinworks.com:443/?sv1=affiliate&sv_campaign_id=143466&awc=7535_1705956757_c269e09e15a7f755c35ff024b6a65f25&utm_medium=affiliate&utm_source=yieldkit_Sub+Networks
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.myflashfetish.com
URL
https://assets.myflashfetish.com/images/btn-get-tracks.gif
Domain
assets.myflashfetish.com
URL
https://assets.myflashfetish.com/images/btn-create.gif
Domain
assets.myflashfetish.com
URL
https://assets.myflashfetish.com/images/btn-get-ringtones.gif
Domain
counters.gigya.com
URL
https://counters.gigya.com/wildfire/IMP/CXNID=2000002.0NXC/bT*xJmx*PTEyMjE1MDczMjM3NzMmcHQ9MTIyMTUwNzMzNTUwNyZwPTE4MDMxJmQ9Jm49Jmc9MSZ*PSZvPWExMzdhYzg4NDk4MTRhZjc5YmIxZTY2ZGZhMjgzMWY3.gif
Domain
www.monsitegratuit.com
URL
http://www.monsitegratuit.com/services/compteur_site_web/compteur_page.php?client=10053&logo=7&nb0=10
Domain
www.monsitegratuit.com
URL
http://www.monsitegratuit.com/services/sondage/mon_sondage.php?id=5320&skin=5
Domain
countus1.editeurjavascript.com
URL
http://countus1.editeurjavascript.com/countus.php3?pseudo=f_032983&timer=1705956752255&present=1
Domain
fwd.fwdtrk.com
URL
https://fwd.fwdtrk.com/track?id=

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 number| dateTimeOffset function| getElementsByClassNameLocalTimeWrapper object| today number| sec function| getBrowser object| browser string| contentType object| tagsToWrite string| tagKey object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

21 Cookies

Domain/Path Name / Value
.ledroitchemin.fr.gd/ Name: PHPSESSID
Value: a44d616b1a729c927360a369d986c3d3
.fr.gd/ Name: __gads
Value: ID=057da28ce2fdb1d7:T=1705956752:RT=1705956752:S=ALNI_MZxB-HPYPPe02oQ3-Tk62QetoBSMQ
.fr.gd/ Name: __gpi
Value: UID=00000db93ee77315:T=1705956752:RT=1705956752:S=ALNI_MZunPHQ8GchIuv5ck3N5iNmIwUIaQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlamWjnSyen4CPPn7kMwL9v3wSL8wDjV84g-gT5MKBd5m4YLpUy2zAAW19ZI9k
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.simpli.fi/ Name: suid
Value: 059F7CBC273B40F5AF2B0F8C7F87EBF9
.bidswitch.net/ Name: tuuid
Value: 50df2b93-798c-4790-a7ca-0da4e3cfe714
.bidswitch.net/ Name: c
Value: 1705956755
.bidswitch.net/ Name: tuuid_lu
Value: 1705956755
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A3079383805141644340
.mxptint.net/ Name: mxpim
Value: R35CAB_10FB49D17_7CBA1EE6.1.65AED593
.mediago.io/ Name: __mguid_
Value: 09dd4f7e893ec3b02ayp0a00lrpelsnp
.bidswitch.net/ Name: google_push
Value: AXcoOmT19JexZtsN3i716VrLNRYY1KBBbq8oMGO25zTTNqKj-SFx7Zk8SsZGxjRwoPKsbdlcq3Zmmbi3WbEaKyY8KccyItBUfMBtFGf2XsiiPKQleZGm9gNnTjvpJEY969Qpl1GKsS9Tsktbqb-M-CrD0fLgfKQ
api.yieldads.net/ Name: AWSALBTGCORS
Value: nNkMO0hU59J/cArNXBYuDLqFxm3TofNR/bPiHtgScWKpRR5d1YlBS+riNzO5TdIrJr6EfqlVnJT7AY4dyrAaTzAnVhwoet01xviAn71mx6vEyYI3fbhc4CHvbqbv3uK8bFkHdSxRSTd6SKuc0GhNJKJVR5Hv8mBZZf92l4EkKZIHth0Ntmk=
api.yieldads.net/ Name: AWSALBCORS
Value: 7L89OiS3hulZSTuB6pjWFHBKmSKm3lMQay9smaGRL5hZRM22wB+71is/jZFGkZltXRWqzhTUOzUvZ7mKiCqY9ll3ZuNzhBJ6nTH6OsfncvkN0zy8kFgVQK85eoXN
.dotomi.com/ Name: DotomiTest
Value: 49fdd97883951560
osak.com/ Name: AWSALBCORS
Value: xs/2jN5titxkbZONE+lbMy1YNqE6VJXuYmFjxqxub1yR04wj7Pmc8JXEBhkil389BVHwSgo8x2VnxhBjl4qqrHQB/2TK6U/V6Ph+NYXE9+lsPDgis8jyguJqlSuK
.awin1.com/ Name: aw7535
Value: 143466|0|0|1705956757|v0304000142262c566685b9f84b348af94179955d1332-9fb9a0578dd84fadbefee1f722b2995d|aw|0
.awin1.com/ Name: bId
Value: HLEX_65aed595234ed0.71256884

21 Console Messages

Source Level URL
Text
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://assets.myflashfetish.com/images/btn-get-tracks.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://assets.myflashfetish.com/images/btn-create.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://assets.myflashfetish.com/images/btn-get-ringtones.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://counters.gigya.com/wildfire/IMP/CXNID=2000002.0NXC/bT*xJmx*PTEyMjE1MDczMjM3NzMmcHQ9MTIyMTUwNzMzNTUwNyZwPTE4MDMxJmQ9Jm49Jmc9MSZ*PSZvPWExMzdhYzg4NDk4MTRhZjc5YmIxZTY2ZGZhMjgzMWY3.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://www.monsitegratuit.com/site.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure script 'http://www.monsitegratuit.com/services/compteur_site_web/compteur_page.php?client=10053&logo=7&nb0=10'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 760)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://assets.myflashfetish.com/images/btn-get-tracks.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 760)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://assets.myflashfetish.com/images/btn-create.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 760)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://assets.myflashfetish.com/images/btn-get-ringtones.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 760)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://counters.gigya.com/wildfire/IMP/CXNID=2000002.0NXC/bT*xJmx*PTEyMjE1MDczMjM3NzMmcHQ9MTIyMTUwNzMzNTUwNyZwPTE4MDMxJmQ9Jm49Jmc9MSZ*PSZvPWExMzdhYzg4NDk4MTRhZjc5YmIxZTY2ZGZhMjgzMWY3.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure script 'http://www.monsitegratuit.com/services/sondage/mon_sondage.php?id=5320&skin=5'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 786)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://www.monsitegratuit.com/site.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 784)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://countus1.editeurjavascript.com/countus.php3?pseudo=f_032983&timer=1705956752255&present=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 784)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure script 'http://countus1.editeurjavascript.com/countus.php3?pseudo=f_032983&timer=1705956752255&present=1'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 736)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure frame 'http://www.islamicfinder.org/prayer_service.php?country=algeria&city=algiers&state=01&zipcode=&latitude=36.7631&longitude=3.0506&timezone=1&HanfiShafi=1&pmethod=1&fajrTwilight1=10&fajrTwilight2=10&ishaTwilight=10&ishaInterval=30&dhuhrInterval=1&maghribInterval=1&dayLight=0&page_background=&table_background=&table_lines=&text_color=&link_color=&prayerFajr=&prayerSunrise=&prayerDhuhr=&prayerAsr=&prayerMaghrib=&prayerIsha=&lang=arabic&frameWidth=400&tableForm=horizontal'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm(Line 974)
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure element 'http://download.quran.islamway.com/quran3/21/001.mp3'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://counters.gigya.com/wildfire/IMP/CXNID=2000002.0NXC/bT*xJmx*PTEyMjE1MDczMjM3NzMmcHQ9MTIyMTUwNzMzNTUwNyZwPTE4MDMxJmQ9Jm49Jmc9MSZ*PSZvPWExMzdhYzg4NDk4MTRhZjc5YmIxZTY2ZGZhMjgzMWY3.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure plugin resource 'http://assets.myflashfetish.com/swf/mp3/fetish-mp3player.swf'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm
Message:
Mixed Content: The page at 'https://ledroitchemin.fr.gd/adkar-sabah-%26-massa.htm' was loaded over HTTPS, but requested an insecure audio file 'http://download.quran.islamway.com/quran3/21/001.mp3'. This content should also be served over HTTPS.
network error URL: https://www.monsitegratuit.com/site.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.theproteinworks.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aep.mxptint.net
aid.send.microad.jp
api.yieldads.net
asrv205.com
assets.myflashfetish.com
cm.g.doubleclick.net
counters.gigya.com
countus1.editeurjavascript.com
dclk-match.dotomi.com
download.quran.islamway.com
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
gtrace.mediago.io
ledroitchemin.fr.gd
osak.com
pagead2.googlesyndication.com
r.secprf2.com
theme.webme.com
theproteinworks.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
visifeed.org
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.monsitegratuit.com
www.theproteinworks.com
x.bidswitch.net
assets.myflashfetish.com
counters.gigya.com
countus1.editeurjavascript.com
fwd.fwdtrk.com
www.monsitegratuit.com
13.42.201.144
142.251.16.156
142.251.167.157
174.137.133.49
176.9.183.55
178.162.223.113
193.238.27.28
202.233.84.1
23.192.63.78
2606:4700:10::6816:174c
2606:4700:20::ac43:4991
2606:4700:3037::ac43:cc74
2606:ae80:1451:21::440
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::84
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c09::68
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1d::9d
27.120.94.1
3.73.224.252
3.75.56.58
34.150.170.96
35.208.249.213
35.211.178.172
38.68.201.140
52.28.39.71
72.52.116.68
03cc273c212320a618d24f3c4cb324109b8985893971af708126ba1ba0b0020f
07e7abc2ce80b7293877943918f367f9452e714fa7d22d5ce084dd5e0e9d5976
0a36f89d3e2086438c170c20015c8dfffba756cd290183f2e532a019a0820a7e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f9eb65ab498b4f0205bb9ec91436a230b81c2e0e1333d97191c4eb82d9aca0f
16d41bea3097b358bf8e297ea85bf49dda3b2ef3748c22d1edf1b5df0fcb7b4a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b3434bfd8278556bd3a3f171c4d15708a9136d41b4a531be40196a49a9de535
1e95756f86ee3f3ef1519b59621665005adb89e68ed17a71e858f15e6ecef4f8
24a53ff70f313697545d9e69fbb238362b504f0ae456b2485534c3cc9a6036cc
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d4dd43449743e5897874900e94abbd02f16d5af1355b24c816b8e413cac7ad0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
48800eee592f4caed4e2748342c4c6d809f1ef52026c7142a6e1bde27448a8f2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e5ac741fe027aea28050c4010f30747adee93203f02453d1c23838330092760
4e61a7989142e9378a3fd73ba6d3e9e946915fe092486709c5e0310aa971113e
4e90b6c7eea06fa8e051dcd5b426c8f488cf1c7cd03780eb4517857d16959cb3
4f5460dfd092fd9590362384eb00333f8b88fa1489703e21fb14271387baf063
5232256c08fd93a7f63f1ae70588f36265a52a56f54b65866b62ff2089939a8f
52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020
56a6152d9326de9839afdd8c20b6b2bd60bdef4eb4d555ad78a9c2255daeee11
56f1f9f221823d676b4df40f56c5d8a33fc9190908f4ad90d3a087a813e0a7bb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b
65b3109b80ef8f7994efd40f25275b8dbce4660149bc2936adbc56c1e36bbc03
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6c32315caa8ee83308e5a385dc03eb2cbf1a2dae6d9dc84fc5c9ae93b8e085f8
6cdf3901550c7719b61495c292937c90247faf7e0cfe3dd4bae4d1cc2241d8d7
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
730762be523c086126791a00b65689747f55ea311ab2d029a11ac89858fdfd9d
730bf2c12f90e78d53b2dc9f2b16e6ec862c7f46df20425fe0b0c6a02f32b07e
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7e7bee82564eac9cb1edda1dabbbc7075ca8b498ef1644e00c2cc2a3f388adc9
848fc58cd57b79d099da18e206bfec450187f6c55b9e772a4101517641994d49
8656359e042892b1ec966ecebd5e2f7a673f964ef1246aa7948c92f2ffbc3d02
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8f7824da5a9cdc667ec975714bedab42352daf58677e873d040e9df5cdbb9a2b
91d6634f50ec59c420b7f23ed8726114e3dcc83a7c553556c6758abfdb47b6a3
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a584e73e9ee86dcec15b00cf40b974fbcda9a369be69dbc10b3b5d13d7e65dc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e01d2b7642600d454ebf01b4e418f887f4b85c9a2ab9c0ce57bf55fef027f80
a34035a6aa28e76e9e97e65aef1c52179420c3984d522cf469266201492811c2
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab57fe6b1c7f9e7b5abeea7b2394863d0576747765b1088a8f6a49513499a9d2
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad23acf9743e6416ba3a601f2628804e84dd15509dbbbf3a04c2219b4637e166
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b88980cc95bb0b5fadba4ec665e899e8b53a54dbfd5811311ce31e6056fd1664
ba2b817cbad38f8b90df6b6a40e0e597c84b3b67d020676012270b2f17c0ec45
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9324f380d695809802909e62bb615cc6ccadf645a26c280cb81d762a4d733d9
fca18c6f5748520eac003b6d921a6b5c3577391d169d01bca726babe18f90888