fr.thptnganamst.edu.vn Open in urlscan Pro
2606:4700:3037::ac43:c77b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Submission: On February 05 via automatic, source phishtank (February 5th 2024, 11:28:16 am UTC) — Scanned from DE

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3037::ac43:c77b, located in United States and belongs to CLOUDFLARENET, US. The main domain is fr.thptnganamst.edu.vn.
TLS certificate: Issued by GTS CA 1P5 on December 15th 2023. Valid for: 3 months.

This is the only time fr.thptnganamst.edu.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3037::ac43:c77b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.86.251.135 184.86.251.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a0b:cbc0:10:... 2a0b:cbc0:10:1af1:b2e::1f0	2027 (MILKYWAN ...) (MILKYWAN MilkyWan)
1	13.224.132.58 13.224.132.58	16509 (AMAZON-02) (AMAZON-02)
1	163.172.169.60 163.172.169.60	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	217.69.1.34 217.69.1.34	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	46.18.231.100 46.18.231.100	197033 (CPRO-AS) (CPRO-AS)
8	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	51.159.16.19 51.159.16.19	12876 (Online SAS) (Online SAS)
109	21

18 2606:4700:3037::ac43:c77b (United States)

ASN13335 (CLOUDFLARENET, US)

fr.thptnganamst.edu.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:171 (United States)

ASN13335 (CLOUDFLARENET, US)

pic.clubic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.135 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-135.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:cbc0:10:1af1:b2e::1f0 (France)

ASN2027 (MILKYWAN MilkyWan, FR)

lafibre.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.132.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-132-58.lhr3.r.cloudfront.net

img.discountmags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.169.60 (France)

ASN12876 (Online SAS, FR)
PTR: 60-169-172-163.instances.scw.cloud

c0.lestechnophiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.69.1.34 (Aubervilliers, France)

ASN20473 (AS-CHOOPA, US)
PTR: 217.69.1.34.vultrusercontent.com

lemon.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.18.231.100 (Salavas, France)

ASN197033 (CPRO-AS, FR)
PTR: campagnolv2-1.campagnol.fr

longvilliers-yvelines.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.16.19 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-16-19.rev.poneytelecom.eu

www.universfreebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	859 KB
18	thptnganamst.edu.vn fr.thptnganamst.edu.vn	146 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	125 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	71 KB
6	fbsbx.com lookaside.fbsbx.com — Cisco Umbrella Rank: 9241
4	gstatic.com www.gstatic.com	46 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	12 KB
1	universfreebox.com www.universfreebox.com	68 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	longvilliers-yvelines.fr longvilliers-yvelines.fr	166 KB
1	lemon.fr lemon.fr	32 KB
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 453	8 KB
1	lestechnophiles.com c0.lestechnophiles.com — Cisco Umbrella Rank: 384629	41 KB
1	discountmags.com img.discountmags.com — Cisco Umbrella Rank: 814826	61 KB
1	lafibre.info lafibre.info — Cisco Umbrella Rank: 730765	30 KB
1	tiktok.com www.tiktok.com — Cisco Umbrella Rank: 4170
1	clubic.com pic.clubic.com — Cisco Umbrella Rank: 460140	1 MB
109	18

	Domain	Requested by
42	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org tpc.googlesyndication.com pagead2.googlesyndication.com
18	fr.thptnganamst.edu.vn	fr.thptnganamst.edu.vn
11	pagead2.googlesyndication.com	fr.thptnganamst.edu.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com fr.thptnganamst.edu.vn
6	lookaside.fbsbx.com	fr.thptnganamst.edu.vn
4	www.gstatic.com	googleads.g.doubleclick.net
2	www.googleadservices.com
1	www.universfreebox.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	longvilliers-yvelines.fr	fr.thptnganamst.edu.vn
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
1	lemon.fr	fr.thptnganamst.edu.vn
1	play-lh.googleusercontent.com	fr.thptnganamst.edu.vn
1	c0.lestechnophiles.com	fr.thptnganamst.edu.vn
1	img.discountmags.com	fr.thptnganamst.edu.vn
1	lafibre.info	fr.thptnganamst.edu.vn
1	www.tiktok.com	fr.thptnganamst.edu.vn
1	pic.clubic.com	fr.thptnganamst.edu.vn
109	20

This site contains no links.

Subject Issuer	Validity	Valid
thptnganamst.edu.vn GTS CA 1P5	`2023-12-15` - `2024-03-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
clubic.com E1	`2024-01-13` - `2024-04-12`	3 months	crt.sh
*.www.tiktok.com RapidSSL ECC CA 2018	`2023-11-09` - `2024-12-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-14` - `2024-02-12`	3 months	crt.sh
lafibre.info R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
img.discountmags.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
c0.lestechnophiles.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
internet-sans-engagement.fr R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
longvilliers-yvelines.fr R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.universfreebox.com R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Frame ID: 10ABFB6CFA0364D9BF99B10944C03D4C
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Frame ID: C541CE5E49DF7D2397EDEB2189BC1B51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6291286519891530&output=html&adk=1812271804&adf=3025194257&lmt=1707113626&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Ffr.thptnganamst.edu.vn%2Fcollecter-151-imagen-coup-de-pouce-orange%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707132492156&bpp=3&bdt=384&idt=300&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7037238405536&frm=20&pv=2&ga_vid=1560754547.1707132493&ga_sid=1707132493&ga_hid=685786161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809531%2C31080818%2C95320378%2C95320870%2C95321865%2C95324155%2C95324160&oid=2&pvsid=4405783503164113&tmod=1281601973&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=678
Frame ID: F54E96E50E096605424ED36D46568EC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6291286519891530&output=html&h=600&slotname=8393123936&adk=2363945673&adf=1839787983&pi=t.ma~as.8393123936&w=300&fwrn=4&fwrnh=100&lmt=1707113626&rafmt=1&format=300x600&url=https%3A%2F%2Ffr.thptnganamst.edu.vn%2Fcollecter-151-imagen-coup-de-pouce-orange%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707132492156&bpp=2&bdt=384&idt=344&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7037238405536&frm=20&pv=1&ga_vid=1560754547.1707132493&ga_sid=1707132493&ga_hid=685786161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809531%2C31080818%2C95320378%2C95320870%2C95321865%2C95324155%2C95324160&oid=2&pvsid=4405783503164113&tmod=1281601973&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=683
Frame ID: EA0315AD6C2980A4483DBE3B3C96509B
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D6CB7DF0979ED11AB0354FBFDCDD26FE
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
Frame ID: 67C37FFB0AA5A727B94233D2C3691BA2
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: B7185F6772A247D7AFBF1CA5EA013971
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE9C171EACE11A7D55B2C6AA421A9B25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C08F7F68C4664FFCD947D005D7A8CCDE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Collecter 151+ imagen coup de pouce orange - fr.thptnganamst.edu.vnToggle MenuPreviousContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinue

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

98 %
HTTPS

65 %
IPv6

18
Domains

20
Subdomains

21
IPs

3
Countries

2967 kB
Transfer

4992 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://googleads.g.doubleclick.net/pagead/adview?ai=CVrbPTMbAZYfZNYuM1fAPt7mWoAS7nrXQdeXgooz9EdnZHhABIJGKtzRglYKAgJgHoAGSieW7KMgBCakCRMIPqnAZsj6oAwHIA0iqBJgCT9D73_85xfO_Cg7aJF5q0CLJbjRk9TuGQEdBMAAsIGH5dtwdxe9PLCRgn9jHOimzplUBw1FuuweHPTl1MdnRPwRf13b6I0x7zfUZYb5GJIygpLVlA1y8Y-JaIRSASiT2ZplQ4bCffCHhV6GmhTgtfvGvD39zHj_9ybNeMi_iB7ff2pzwEPXhlJR17kNFYDcWz2zYZ5nxtXfEtCmHTDIe7O00Tmj70atpf-0fEaWap1F_mGCYGg_fpLQ2tN1YOxGdjWwWPy50JZDfkS-YG6eprnbQUikLIDx_3Nltc9qBYMUBzM_G1TyzmqM9unGyb-1I2EpgInIjrgaEkscAAdmqLLcHzLvWXu1jZrdXLU1FGedn9ckKtALX4MAEl-r7-L8EiAWYt4W8TZIFBAgEGAGSBQQIBRgEoAYugAeSwbWbA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJagG9IIJQiA4YBwEAEYHzIC6wI6CIBAgICEgIAESL39wTpY-8rJjoyUhAOaCR1odHRwczovL3d3dy5tZWluZWJhbmsuZGUvZ2lyb4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi02MjkxMjg2NTE5ODkxNTMwGAA&sigh=VNmeS3vw9Ec&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_dMEnWh6R-gytRWCglq157SGE1OShqx5P8cwCHivn4JIbE5ifbFyP25jUcdUoHn0PB5sTgg-cG_9Qa3uBh9xOwP_gouv31Bn4tqAYAQ&template_id=419&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229642461026144300004%22,%22debug_reporting%22:true,%22destination%22:%22https://meinebank.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210862806162%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22957666655389775617%22}&andc=true

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ 269 KB
39 KB 1337ms
1194ms Document
text/html 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9406b56e56d0047ecaa50f05b36528c1d9e82c6fe2696596f71a00a8f0e41822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 850acef23c765d8c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 11:28:11 GMT
expires: -1
last-modified: Mon, 05 Feb 2024 06:13:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUW%2F8nF%2FhwTAYVXF9B3uVxhprl1w%2B9IYGL25%2Fpb0gQYscMQblAGV2FqjH9dX35peLA1z39VTmjsnZjNmuXBpWCuYM2%2BbnvGl5qGAujgCH%2B6BhN6fa3k3pabJNqrjV11WugJgZtEgXxvroL0%2Bgz3P2yw213Zi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-age: 7968
x-cache-lifetime: 14400
x-cache-tags: fdf5
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
fr.thptnganamst.edu.vn/wp-includes/css/dist/block-library/ 108 KB
15 KB 52ms
50ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 465071
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jan 2024 00:30:37 GMT
server: cloudflare
etag: W/"65b994ad-1ae43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t6B3SVUbCvYpPpxVqWEItC0teW%2B%2B4s0GgjF0Vr777oGAagJlK3F1snh2tI78yN8yAIt%2FVE59j1%2B8edvkWZyTl3d19O4sQIza80C7%2F0WTOwn5q%2FS1GnCCznk8WNR%2B04Ytv0RmLTFEGVZDzUPyftb6w94Pad5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbb35d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screen.min.css
fr.thptnganamst.edu.vn/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 60ms
58ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.46
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5802485
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:44:03 GMT
server: cloudflare
etag: W/"64315383-15f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUEIVXvevTnd766575zIuvEsvnwbk2fcWzY4rPc%2BqzwvefsTipOB3pZTiXys0mMkiY2OtEAm%2FmKEb54hAr%2Fcvsrb5lM3GTnTM%2B7a5VEIPj159wZuGtvXgfiaVhZTVLOKLqcGeA0Odeh%2Fa%2FUZCoV%2BG2i8klPe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbb45d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 20 KB
5 KB 57ms
55ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f5a33801c2430f432473ae8c2dbb94d907f8453627ef4e9b70354b25f7f7cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7182107
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-51af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q8y%2FT9j2MhDmH9cbUTYfIiX32rh9iZO3wOpiuGYZToq6dWES91cUKAnbDDNn84oFz2VjyJd14Lu5tzRMGo7Jz6I1aZ1P%2F5xYMaEW20sKdJ4gjWl8OIjob1Gmld2zWsqfrKtu2whdlnmal5D6aDt4ext8WjO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbb65d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 header.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 27 KB
5 KB 58ms
56ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5405ca68d94de128d658b9e172d95e4341a4e454a6039920e89722fac899830e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978046
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-6d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BoLi9coVOmqDgsG02XetT8xBBx3mdbVYHe5Rx7kGHUaf4DJePVPg5UMxo63pwUl9NrumznKRYfDfGlrT%2F1yPukJziJEhBtgFiwyFnYOmoasqeUEpK%2BvAq38%2Bv%2FobswL7HpWWwgzHJQZ34QVymrTIvCQIWR%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbb75d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 content.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 32 KB
6 KB 62ms
61ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5886761
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-7fcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f40s%2F13hMAI0DGCCveqwBUOU79us7f49%2Ftvn0pPif%2BO8WUjCSR8Y%2BYv4dVDfoP%2FAwmm%2BF5HjCMFUksjEOucrgUW9%2Fjg8nkfY2jxIZjvLNuwdZigSZ7rhosi1bOfbzrpBe1%2Fwu2LupCR5%2BvEDg%2BwJlInPqgaw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbba5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comments.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 6 KB
2 KB 59ms
58ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/comments.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 055486b8ef198b37f47f0cd509ca420d37404f693ab5d8600bf366291f131be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7180798
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-192e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGmE4WbsY0mWLTbom%2B8P0oUeQtU7327Si2eRpN0RAcsJVxkA5VDVGfgGzktXmtV%2BlkfCoIhTetE%2F%2By7xzqpGNgJMwMKSoX6ebPfy3W7wvamBa9%2FX4EQ6WwoflvKWpVXTekn1vlw7HJ9yGYndTYLbb3MVHXdS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbbe5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 related-posts.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 996 B
676 B 61ms
60ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/related-posts.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f1dc84e4ef961b787e21d203ce06521cced0634ae8b6fc41718f3770d7a42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7180798
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-3e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k26ShF0MqQITzf7NtqsFXMH%2FpT%2FntAlsKQ4%2Bdc13LupijgQQ%2BCw3DyRPc2xDUkVKogPcg4aGhqeC03jKMrkxanfLLtcw%2BJpfBZuhUcoMEKRy4u25Fv4NcDXQbCtO3iiGIORICfcXa5y6%2FDFvaBHR0zRmnI1L"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbc15d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kadence-splide.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 9 KB
2 KB 95ms
95ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/kadence-splide.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b52bfd72a0a8f321e2f49bd172bcd4f01bf14dde6416317d05ba15e5d1dd8f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7180798
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-2389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdyHW%2FZDx1qftXn%2BikHSW0%2FweeiUnpin%2B7VilfFS3qkToxF37zqidDJmH2yXcR%2Ff6wE2ANIC5VwFDG05XtGEHfPYV4bELbkD8SujqMaygmC8t14VWscmhj1QR9tTrwT2qp%2BQivl9bBzjBuxjL7q6LZIwBkpb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbc45d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer.min.css
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/ 18 KB
2 KB 97ms
96ms Stylesheet
text/css 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195159
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-49c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1fG75Fh0cNlm5dfQRSdtL0f6i43bGQ%2Fk1Uk0vHN1A%2F%2BZvSeFQwx%2FAuTOfboBsDr2Ei8Tk8E%2FsgBHwF15jqnBFU40jmBwoQticuyGLHcuvwukrYUnW1t6mxkOHDlp41Yx8bK6Ov2SiPMCvXUuiPGNWfYdvoq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbc85d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
fr.thptnganamst.edu.vn/wp-includes/js/jquery/ 86 KB
31 KB 62ms
61ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7180798
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 00:31:57 GMT
server: cloudflare
etag: W/"654ad6fd-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdLzVhd9i4oOv%2Bx8tm24hq3qybaIkiOMeQeNydrRD3QeilYfR288Lsfe8X8LMLujojStUkABVi9Kvf4nZi9xFoFfq4ODlZ77qWgsqN5r7N5rZb%2B8ycaZETw1ZCH8F27qbxEkMTTD2a3EVwjLpAqpzVZLBbhk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9bbca5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
fr.thptnganamst.edu.vn/wp-includes/js/jquery/ 13 KB
5 KB 98ms
98ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7181721
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 00:30:39 GMT
server: cloudflare
etag: W/"64d42faf-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyTBkKAZozLDyclQsXazIzluAphj2mvRo4DONyXkk8%2FK7bW6oIS%2BcHDJhl%2BdZ8gLDaXSlF9%2Fwj7XT7VajarS0Y85NHF5RvsCrs2dtSchzwVLNY0tmuQMAA%2F9BwkU6SiKDcfTdPJKrx1hM%2FrS40mmncejHnCr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acef9fbf75d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 175ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6291286519891530

Requested by

Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1f2bbe6a7d3e39287bbd274b452555733186e1de4f717319c2703e069bc3fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://fr.thptnganamst.edu.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51275
x-xss-protection: 0
server: cafe
etag: 4487098825149552253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 11:28:11 GMT

GET
H2 200 raw
pic.clubic.com/v1/images/1734208/ 1 MB
1 MB 190ms
89ms Image
image/png 2606:4700:20::681a:171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1734208/raw
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f03b0c69f100c6aacb65b920e8ab1feec9b73853c23521dc220f65f89a5e0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
cf-cache-status: DYNAMIC
x-cacheable: Yes
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521557
x-cache: HIT
content-length: 1263798
x-via-poph: front02
last-modified: Fri, 19 Jul 2019 09:02:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OmTEpUMHkcYe9fCNuqMezlo7kxKau8BhNv9%2BEzNZhWMrflVPfBVQArrygOSKDzFCygoc3iixOdQDj3DEZSp9%2F8NSTZUWix5Pb2C8VmWo5CIrvd%2FRLE7%2FeY4MOnyydN%2B29%2Bwkd%2F7I1dEI41C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-varnish: 939127308 835334672
cache-control: max-age=25920000, public
accept-ranges: bytes
cf-ray: 850acefb0b3a2c73-FRA
expires: Thu, 30 Jan 2025 11:35:34 GMT

GET
H2 400 /
www.tiktok.com/api/img/ 0
0 289ms
161ms Image
application/json 184.86.251.135
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktok.com/api/img/?itemId=7196607465788607750&location=0&aid=1988
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.135 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0 248ms
153ms Image
text/html 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=102536208141183
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0 251ms
156ms Image
text/html 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1658556817900370&get_thumbnail=1
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0 250ms
156ms Image
text/html 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=3468113149913174
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 index.php
lafibre.info/ 30 KB
30 KB 228ms
110ms Image
image/jpeg 2a0b:cbc0:10:1af1:b2e::1f0
MILKYWAN MilkyWan

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lafibre.info/index.php?action=dlattach;topic=52713.0;attach=131117;image

Requested by

Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:cbc0:10:1af1:b2e::1f0 , France, ASN2027 (MILKYWAN MilkyWan, FR),

Reverse DNS

Software

Apache /

Resource Hash

120c5aae636d76719b193c7f37aa662a5eeecb343011123d22a1b3991b623576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload
content-encoding: none
x-content-type-options: nosniff, nosniff
date: Mon, 05 Feb 2024 11:28:12 GMT
content-transfer-encoding: binary
content-disposition: inline; filename="test dÃ©bit Ethernet RJ45 PC FIXE Offre Coup de Pouce Livebox Fibre.png_thumb"
x-xss-protection: 1, 1; mode=block
pragma
last-modified: Wed, 21 Sep 2022 12:15:16 GMT
server: Apache
etag: "131117test dÃ©bit Ethernet RJ45 PC FIXE Offre Coup de Pouce Live"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, private
accept-ranges: bytes
expires: Tue, 04 Feb 2025 11:28:12 GMT

GET
H2 200 /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0 444ms
350ms Image
text/html 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100063911205454
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0 264ms
170ms Image
text/html 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=148416888124184&get_thumbnail=1
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H/1.1 200
OK https%3A%2F%2Fimg.discountmags.com%2Fproducts%2Fextras%2F430656-coup-de-pouce-cover-2021-march-1-issue.jpg%3Fbg%3DFFF%26fit%3Dscale%26h%3D1019%26mark%3DaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL2pzcy1hc3Nld...
img.discountmags.com/ 60 KB
61 KB 180ms
51ms Image
image/webp 13.224.132.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.discountmags.com/https%3A%2F%2Fimg.discountmags.com%2Fproducts%2Fextras%2F430656-coup-de-pouce-cover-2021-march-1-issue.jpg%3Fbg%3DFFF%26fit%3Dscale%26h%3D1019%26mark%3DaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL2pzcy1hc3NldHMvaW1hZ2VzL2RpZ2l0YWwtZnJhbWUtdjIzLnBuZw%253D%253D%26markpad%3D-40%26pad%3D40%26w%3D775%26s%3D42133e5850eaf55346fd471a12a061ce?auto=format%2Ccompress&cs=strip&h=1018&w=774&s=89afc18bd84a9cfdaab83954953139a3
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-58.lhr3.r.cloudfront.net
Software: /
Resource Hash: c0a956afd12b12845ada6bdd4ae927baae77e82065c4ae37bb431cf4bf58aeb0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:16:24 GMT
Via: 1.1 46b5aeb0e7bcc8895e9b923ffd4a3896.cloudfront.net (CloudFront), 1.1 a7a209acee14726bdc56f2b8600564e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4, LHR3-C2
Age: 7908
x-amzn-RequestId: 5bc72b7a-4249-4b97-ae06-da1e71a34196
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-apigw-id: Sp8YWHShoAMERQg=
Content-Length: 61798
X-Amzn-Trace-Id: Root=1-65c0a768-0c1a92b7661aff674e64e188;Parent=0cb32c0707c567f0;Sampled=0;lineage=d955bb7d:0
Access-Control-Allow-Methods: GET
Content-Type: image/webp
Cache-Control: max-age=31556952
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization
X-Amz-Cf-Id: iWKok98BE1qSzRznu1voExIVbAVrQzs_kaWFDA80kSa8BcKQCXOvGQ==

GET
BLOB 200
OK 8bfaa24d-ebb9-4009-8eb3-72073ac590f1
https://fr.thptnganamst.edu.vn/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fr.thptnganamst.edu.vn/8bfaa24d-ebb9-4009-8eb3-72073ac590f1
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0 156ms
156ms Image
text/html 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=727829579140939&get_thumbnail=1
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H/1.1 200
OK SE7vB1YQ1QFBqIRKN
c0.lestechnophiles.com/s1.dmcdn.net/v/ 41 KB
41 KB 245ms
94ms Image
image/jpeg 163.172.169.60
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c0.lestechnophiles.com/s1.dmcdn.net/v/SE7vB1YQ1QFBqIRKN?resize=604,340&key=bdfa332f

Requested by

Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.172.169.60 , France, ASN12876 (Online SAS, FR),

Reverse DNS

60-169-172-163.instances.scw.cloud

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8fc03ac1246b68ac3614b43a19c461bc933ad1f248e138bed9d255b7dcda730d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 11:28:12 GMT
X-Content-Type-Options: nosniff
X-Bytes-Saved: 2434
Last-Modified: Mon, 05 Feb 2024 06:13:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "9752d1d8ecab483f"
X-Cache-Status: HIT
Vary: Accept
Content-Type: image/jpeg
Cache-Control: public, max-age=63115200
Connection: keep-alive
Link: <https://s1.dmcdn.net/v/SE7vB1YQ1QFBqIRKN>; rel="canonical"
Content-Length: 41727
Expires: Wed, 04 Feb 2026 18:13:48 GMT

GET
H2 200 0-M-u4JDDh4jE_hBXACZ_wdf_p1b-aZ6EdDGbruSRU93VTWgL22i0tUorT4mRZ1LC6h8
play-lh.googleusercontent.com/ 7 KB
8 KB 129ms
40ms Image
image/png 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/0-M-u4JDDh4jE_hBXACZ_wdf_p1b-aZ6EdDGbruSRU93VTWgL22i0tUorT4mRZ1LC6h8

Requested by

Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4dff8c3d96d4a7868037de30b82f7e69843628479444bed5dba9436f87f8cc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:32:16 GMT
x-content-type-options: nosniff
age: 3356
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7572
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Feb 2024 10:32:16 GMT

GET
H3 200 comment-reply.min.js Show response
fr.thptnganamst.edu.vn/wp-includes/js/ 3 KB
2 KB 63ms
62ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-includes/js/comment-reply.min.js?ver=6.4.3
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 453206
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
etag: W/"625095f6-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOBlNBMgg1%2BifZCZNtnEpKgqZqG5JOyR1NxgJAWZVuiQWMocd3yQbX6s%2F98YejXpo0fq0AmXLKKjogwvPw8V%2BlITKEOzI0TOLlpy%2Bd8FMURpoVVdmMbXld3HBzOAptI%2Fh%2B8NRIJ9DiIqxCXgBnCfGtq960wf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acefbabd9b8ee-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navigation.min.js Show response
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/js/ 17 KB
5 KB 68ms
67ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9d3680de0b0cae7c0000945d283a0e829b9077c514990dbc214ddcc8067c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6237019
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-458b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7f8pNmxxI19K1Ly0y%2BteToTdQOB%2BOQ1C2CylVAv01F4AvwrC4Inz3JoCjOaLd35hU9tSFuncdSgVEMdV4QmoZYagzzLjwr33%2FzcTDtKF2GLmQoK0kbFURuuQUXhA2hvJOjKv7nLQGzhMDxtByXrUkq4qVPY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acefbabe5b8ee-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smush-lazy-load.min.js Show response
fr.thptnganamst.edu.vn/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 65ms
65ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5983319
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:43:02 GMT
server: cloudflare
etag: W/"64315346-1ef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfHGJ8vU6vZQ2e7xzdloegKfTi8lKTzA3gLxKNBw%2Bz4X83ACRC%2FxRCXzQfMj2ODANaJDkuvfTt7Trk9qK1GQXpYn8yFmu7RsCPyNEED1ijWupwVJLkawliR7Ym9wdJ5JUsjJIlZud8BCYgyLmjIX39POCr9f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acefbabebb8ee-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 splide.min.js Show response
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/js/ 29 KB
13 KB 104ms
104ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/js/splide.min.js?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d49bb711dc02e9b38889229ecf44072b7c6eb4790fd58e21caf546600f3e608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2337608
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-7444"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwS6lHSYWL%2FCfVvK%2FdbBgLgHdAIiVahJHQewKVPyfcPTRa6NB1qume8wLVf94GPmXzx47ZJ7LvWqkyYAeYib%2F9LN%2FhIKz0ywVdg%2BTGYFAaxvIyupv%2BoRKQDa5w5nk6%2FGY%2F%2FJpR7%2BLmMMaL4ltWxHCUXZXTOE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acefbabeeb8ee-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 splide-init.min.js Show response
fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/js/ 5 KB
2 KB 62ms
62ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-content/themes/kadence/assets/js/splide-init.min.js?ver=1.1.35
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c951a597072dd7d73e9d7218eb09cb7b0eb51bd5bd240650f71f57feecec2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5799837
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 11:55:00 GMT
server: cloudflare
etag: W/"64315614-13a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXIpOG%2F6vPpSswGoe9MQiFDJAZMYnOCF09ci6V1hyE10ecYufIoFAXTPnXNW%2BgSEZw%2FPPlIRnXI0vie%2FfMruwb%2BWLblApb4OhswcalxxuOVAShykgR2YlZ2cO%2BNr3J2WczeTssB0ljL%2BsLDQovKwN88niBUS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acefbabf2b8ee-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 406 KB
138 KB 189ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6291286519891530&plah=fr.thptnganamst.edu.vn&bust=31080818

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6291286519891530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8fe397c575494d03296c765e891ceaf15d9f71598d8e9d06666ef47534d1545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140956
x-xss-protection: 0
server: cafe
etag: 10767631212618013193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 11:28:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame C541 9 KB
5 KB 133ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6291286519891530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 16:04:42 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 16:04:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 offre-coup-de-pouce-orange.jpg
lemon.fr/wp-content/uploads/2020/12/ 32 KB
32 KB 240ms
48ms Image
image/jpeg 217.69.1.34
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemon.fr/wp-content/uploads/2020/12/offre-coup-de-pouce-orange.jpg
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.1.34 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 217.69.1.34.vultrusercontent.com
Software: nginx /
Resource Hash: 452d83f84f3f4bfefc71e3e063a15ab76e1196b43ec5d83d3b10d4f77cf1e27d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
last-modified: Mon, 28 Mar 2022 18:42:02 GMT
server: nginx
etag: "6242017a-7f35"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 32565

GET
H3 200 wp-emoji-release.min.js Show response
fr.thptnganamst.edu.vn/wp-includes/js/ 18 KB
5 KB 60ms
60ms Script
application/javascript 2606:4700:3037::ac43:c77b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.thptnganamst.edu.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c77b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446216
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Apr 2023 15:56:58 GMT
server: cloudflare
etag: W/"64318eca-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RlEj6skPd1MYHi2BWjF8YXuLZGFZAt0n8ncGQry3efx9wX0xxzFyJj%2BE7hwxJ%2FGf6b532iQForUaSwB%2Bx%2BwhBZi2zTAUSC8nvDcue7qyujTFISiz8UBb5cHhom5e%2Bltk4e87eWUmwPSGO1ddZnl9pB0s3me"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 850acefc1c9db8ee-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ca-pub-6291286519891530 Show response
fundingchoicesmessages.google.com/i/ 23 KB
11 KB 294ms
69ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6291286519891530?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6291286519891530&plah=fr.thptnganamst.edu.vn&bust=31080818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

137d5e1f37f7975772d1fda98452d8ca0a95571fcda704ff79a9061bdcba5d56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q4Ev_Pnwp_xJtQ_grY5kzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-q4Ev_Pnwp_xJtQ_grY5kzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KghxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZOL6-ZJIAYjUgfif5iukbEO_w8WB5Ez6dlS0CiCums_IBcVzddNYcIOZbN51Vc_101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIHZKn8EaAMSfM2ew_gZin_oZrFFAXHb7HGsdEAvLnWeVBmIhHo4zPc3r2ARe7J36igkAMzdbkg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CP-Orange1.jpg
longvilliers-yvelines.fr/wp-content/uploads/sites/115/2021/05/ 166 KB
166 KB 395ms
110ms Image
image/jpeg 46.18.231.100
CPRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://longvilliers-yvelines.fr/wp-content/uploads/sites/115/2021/05/CP-Orange1.jpg
Requested by: Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.18.231.100 Salavas, France, ASN197033 (CPRO-AS, FR),
Reverse DNS: campagnolv2-1.campagnol.fr
Software: nginx /
Resource Hash: 3fe26cfb1e8c9978997ae9a362ac62fbfb6f157dfe5dac6796161a0b03765e29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 11:28:12 GMT
Last-Modified: Tue, 04 May 2021 10:11:27 GMT
Server: nginx
ETag: "60911dcf-298f4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170228

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F54E 164 KB
47 KB 1023ms
1022ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6291286519891530&output=html&adk=1812271804&adf=3025194257&lmt=1707113626&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Ffr.thptnganamst.edu.vn%2Fcollecter-151-imagen-coup-de-pouce-orange%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707132492156&bpp=3&bdt=384&idt=300&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7037238405536&frm=20&pv=2&ga_vid=1560754547.1707132493&ga_sid=1707132493&ga_hid=685786161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809531%2C31080818%2C95320378%2C95320870%2C95321865%2C95324155%2C95324160&oid=2&pvsid=4405783503164113&tmod=1281601973&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=678

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6feca958dfdb3ce992c7ea55747c98a0167d329757e8074cf9493da716a37bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48037
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 11:28:13 GMT
expires: Mon, 05 Feb 2024 11:28:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA03 90 KB
16 KB 1088ms
1088ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6291286519891530&output=html&h=600&slotname=8393123936&adk=2363945673&adf=1839787983&pi=t.ma~as.8393123936&w=300&fwrn=4&fwrnh=100&lmt=1707113626&rafmt=1&format=300x600&url=https%3A%2F%2Ffr.thptnganamst.edu.vn%2Fcollecter-151-imagen-coup-de-pouce-orange%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707132492156&bpp=2&bdt=384&idt=344&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7037238405536&frm=20&pv=1&ga_vid=1560754547.1707132493&ga_sid=1707132493&ga_hid=685786161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809531%2C31080818%2C95320378%2C95320870%2C95321865%2C95324155%2C95324160&oid=2&pvsid=4405783503164113&tmod=1281601973&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=683

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7b9049e6f41be099fd60bd2c16ed1d8ff57ebcd27dc8075412a0373e7524c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15696
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 11:28:13 GMT
expires: Mon, 05 Feb 2024 11:28:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 165 KB
56 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/reactive_library_fy2021.js?bust=31080818

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2bfdabd94a0e90de8f6681e62f398338a08299812d48fceddd5e7c3e9f1b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57033
x-xss-protection: 0
server: cafe
etag: 12774857775321620034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 11:28:13 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401091919000/ Frame EA03 196 KB
56 KB 149ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6291286519891530&output=html&h=600&slotname=8393123936&adk=2363945673&adf=1839787983&pi=t.ma~as.8393123936&w=300&fwrn=4&fwrnh=100&lmt=1707113626&rafmt=1&format=300x600&url=https%3A%2F%2Ffr.thptnganamst.edu.vn%2Fcollecter-151-imagen-coup-de-pouce-orange%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707132492156&bpp=2&bdt=384&idt=344&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7037238405536&frm=20&pv=1&ga_vid=1560754547.1707132493&ga_sid=1707132493&ga_hid=685786161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809531%2C31080818%2C95320378%2C95320870%2C95321865%2C95324155%2C95324160&oid=2&pvsid=4405783503164113&tmod=1281601973&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 18:47:39 GMT
age: 492035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56104
x-xss-protection: 0
server: sffe
etag: "cf7caf439f3410f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 18:47:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame EA03 15 KB
5 KB 252ms
144ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 04:46:22 GMT
age: 542512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5212
x-xss-protection: 0
server: sffe
etag: "d5f0e0ea1e5219b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 04:46:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame EA03 95 KB
29 KB 236ms
130ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 18:58:08 GMT
age: 491406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29119
x-xss-protection: 0
server: sffe
etag: "7ed328db9ca95286"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 18:58:08 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame EA03 32 KB
10 KB 230ms
124ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-carousel-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c345e24d86a242dc27149a0789797535705a97cde668399f6b10469dddcd3709

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 18:54:28 GMT
age: 491626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10071
x-xss-protection: 0
server: sffe
etag: "e2ff55a63087267b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 18:54:28 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame EA03 5 KB
2 KB 218ms
113ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 18:57:18 GMT
age: 491456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "b1b3f9c71858a21a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 18:57:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame EA03 40 KB
13 KB 221ms
115ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 18:54:28 GMT
age: 491626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12971
x-xss-protection: 0
server: sffe
etag: "0e9793e292f94cd9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 18:54:28 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame EA03 6 KB
2 KB 127ms
123ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

328621d7eb22f4344032ec841b0eadc2b5aa0e67fb9d3fb4dce821c1937b69e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 19:10:32 GMT
age: 490662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2435
x-xss-protection: 0
server: sffe
etag: "11e7c79ea5a0f838"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 19:10:32 GMT

GET
H2 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EA03 3 KB
3 KB 130ms
42ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 19:27:25 GMT
x-content-type-options: nosniff
server: cafe
age: 57649
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2724
x-xss-protection: 0
expires: Mon, 05 Feb 2024 19:27:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EA03 295 B
664 B 129ms
41ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 07:28:14 GMT
x-content-type-options: nosniff
server: cafe
age: 14400
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 06 Feb 2024 07:28:14 GMT

GET
H2 200 img01-04-06.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 76 KB
76 KB 178ms
92ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/img01-04-06.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b628231885a42bc1dd1b9170ff1d7faf1026817f4b3a14b2a4f5f9065e5adb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78050
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 text01.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 1 KB
1 KB 206ms
119ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45a40040919a2718f76c2c9f3e9d9aeed31810ef7a7bd6d35fd8d0bd00d86d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 img02.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 45 KB
45 KB 131ms
45ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/img02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

635e1370bf54ff06e46587b49e35bf077d8690c8f4fc1dd8c3fae7584f401839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45660
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 text02.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 108ms
105ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01ec04d785e40d02e2f6acf28bd0140119cfa2be7a16e8b36a525a50392ca652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 img03.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 66 KB
66 KB 109ms
106ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/img03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81e581b18c6bed85968ed9f8d61c54969de5c472ddd52d16d9cabeefc23885c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67094
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 text03.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 125ms
122ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

363b66673565f4c9dcc3da5f2090ef0e19e3445b32a5efe558cb860e0bf69b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1972
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 text04.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 123ms
120ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text04.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08efd4f60d2e17f9e52a1d93b7ed837ff637f5d83d83658de33f29800a30a9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1949
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 text06.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 3 KB
3 KB 124ms
121ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text06.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee13e233a10d5e2a2a028585c2878296a76150a8025700d660fb377fb8b70df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 logo.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 3 KB
3 KB 120ms
117ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b9b1b1fb6c228c61ce724c7195cbf7b05886e169c3ea9ce718da37a31847898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2782
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 Mazda_Garantie.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 121ms
119ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/Mazda_Garantie.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e6c3582465c3a1c2930674e7fff860d03816310739b66a4150e9aa1a65e9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1607
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 cta.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 539 B
605 B 119ms
116ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/cta.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b861f29fca5d5dd31d4d43e8da45b611607530d0def1ed3a07f12a04a0af12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 539
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame EA03 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f340f5a5c9821dbd62c38fc67d755d52bb444541792e136cbcc0e514aa8ae8af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame D6CB 9 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 18:23:57 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 18:23:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame D6CB 9 KB
5 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 19:07:31 GMT

GET
H2 200 24adaead910fc9a5ff63297aa6506341.js Show response
www.gstatic.com/mysidia/ Frame D6CB 42 KB
16 KB 128ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/24adaead910fc9a5ff63297aa6506341.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fc3fc15c5174ad3cb04edf14be49d28ff88849b52dda7b758bc5600ee8abefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16666
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 19:04:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame D6CB 2 KB
903 B 126ms
125ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 15:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 15:22:53 GMT

GET
H2 200 eef51e917ec1874cc8046feaf7dd0c7d.js Show response
www.gstatic.com/mysidia/ Frame D6CB 23 KB
10 KB 165ms
79ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eef51e917ec1874cc8046feaf7dd0c7d.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a18281bcc09db662574b14a05aebd4f5199bee55297492b273beb6a762ce221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9810
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 18:53:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame D6CB 23 KB
9 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame D6CB 3 KB
1 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 10:24:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame D6CB 20 KB
8 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6CB 205 KB
65 KB 184ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 11:28:14 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame D6CB 37 KB
15 KB 171ms
85ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 18:53:19 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012401091919000/ 23 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8091888611f7eb943c0c12f70f8bd6c72a8a298382072ce34849bfae8304dd1a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jan 2024 18:49:20 GMT
age: 491934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7820
x-xss-protection: 0
server: sffe
etag: "e5efd4eed9b90417"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 Jan 2025 18:49:20 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/ Frame 67C3 25 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/24adaead910fc9a5ff63297aa6506341.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2670a348434e8e215f987b165ba2f836a30346eb98c04983bafb838dd02003d0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 527467
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4752
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 08:57:07 GMT
expires: Wed, 29 Jan 2025 08:57:07 GMT
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 img01-04-06.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 76 KB
76 KB 43ms
43ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/img01-04-06.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b628231885a42bc1dd1b9170ff1d7faf1026817f4b3a14b2a4f5f9065e5adb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78050
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text01.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 1 KB
1 KB 116ms
116ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text01.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45a40040919a2718f76c2c9f3e9d9aeed31810ef7a7bd6d35fd8d0bd00d86d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 img02.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 45 KB
45 KB 62ms
61ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/img02.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

635e1370bf54ff06e46587b49e35bf077d8690c8f4fc1dd8c3fae7584f401839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45660
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text02.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 60ms
59ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text02.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01ec04d785e40d02e2f6acf28bd0140119cfa2be7a16e8b36a525a50392ca652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 img03.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 66 KB
66 KB 118ms
117ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/img03.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81e581b18c6bed85968ed9f8d61c54969de5c472ddd52d16d9cabeefc23885c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67094
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text03.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 125ms
124ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text03.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

363b66673565f4c9dcc3da5f2090ef0e19e3445b32a5efe558cb860e0bf69b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1972
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text04.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 59ms
58ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text04.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08efd4f60d2e17f9e52a1d93b7ed837ff637f5d83d83658de33f29800a30a9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1949
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 text06.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 3 KB
3 KB 126ms
125ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/text06.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee13e233a10d5e2a2a028585c2878296a76150a8025700d660fb377fb8b70df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 3 KB
3 KB 123ms
123ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b9b1b1fb6c228c61ce724c7195cbf7b05886e169c3ea9ce718da37a31847898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2782
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Mazda_Garantie.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 2 KB
2 KB 116ms
116ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/Mazda_Garantie.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e6c3582465c3a1c2930674e7fff860d03816310739b66a4150e9aa1a65e9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1607
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/5919421268003818710/ Frame EA03 539 B
567 B 122ms
122ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5919421268003818710/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b861f29fca5d5dd31d4d43e8da45b611607530d0def1ed3a07f12a04a0af12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 20:49:33 GMT
date: Tue, 30 Jan 2024 20:49:33 GMT
x-content-type-options: nosniff
age: 484721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 539
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:21:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D6CB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cc247acb74fb69bc236a1cbea40135985687b932a75ccd2e0c804afb82de611

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 67C3 6 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 18:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:10:37 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 67C3 34 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Feb 2024 16:47:22 GMT

GET
H3 200 685ed92212f6c176c50a270b24c5ac87.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/ Frame 67C3 134 KB
38 KB 52ms
52ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/685ed92212f6c176c50a270b24c5ac87.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8529a3d64824ccaafaf911b092af10695a1b5cb787a2eb03d727cdddafad5d4a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 19:11:20 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 19:11:20 GMT
age: 490614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39343
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 0b9ea8e917d1e2a08da321910ebcfe6d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/ Frame 67C3 6 KB
6 KB 47ms
47ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/0b9ea8e917d1e2a08da321910ebcfe6d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25659b4e63999f25b6e3d4d41c8f3c4c343bb0cdff9e40525972e5e63a968daf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 08:57:08 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 30 Jan 2024 08:57:08 GMT
x-content-type-options: nosniff
age: 527466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6578
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3da608d2127ca7d943658d6a8e06431.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/ Frame 67C3 4 KB
2 KB 48ms
47ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/d3da608d2127ca7d943658d6a8e06431.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be13611c2ea038f9f8de85cf650538f4a941efbf289b916066ccb52a2c906b43

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 11:35:19 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Feb 2024 11:35:19 GMT
age: 345175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1659
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cd42a1e59e342fafeb03e16c9d3c37f4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/ Frame 67C3 556 B
392 B 46ms
46ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/cd42a1e59e342fafeb03e16c9d3c37f4.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d7dcb3bfd0cd9c9bc997ff12aacb24b7bfd5c150e48230472cbbc9d29a7ea68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Mon, 03 Feb 2025 06:52:49 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 06:52:49 GMT
age: 102925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 361
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6a5bf2cd93fdcba60fb338acc04c8d34.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/ Frame 67C3 594 B
409 B 45ms
45ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/6a5bf2cd93fdcba60fb338acc04c8d34.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6dda28efaa1b464a7235c7daf800c6c2ab65d4793cd6bfd5102869f93880fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Mon, 03 Feb 2025 06:52:49 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 06:52:49 GMT
age: 102925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 378
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 df50c56596019e0eb3eb469212b16d51.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/ Frame 67C3 2 KB
905 B 50ms
50ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/df50c56596019e0eb3eb469212b16d51.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

636fe79c3b169e6c549d5f6b737595bf0375ead65bd097847f8a15c60a560f95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 08:57:08 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 08:57:08 GMT
age: 527466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 869
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 genosgfg_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/fonts/ Frame 67C3 73 KB
40 KB 47ms
47ms Font
font/ttf 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/fonts/genosgfg_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adc5d81d8d9a30eeb1d35e9d9902bcce3bb3d4364135af4d7fb9230eeff74a2c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
Origin: https://tpc.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 08:57:08 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 08:57:08 GMT
age: 527466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40977
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EA03 0
23 B 81ms
81ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca282TMbAZd6iNu_I1fAPsPy6kAmZ4Om7ddyN_-LzEduGhsvCARABIJGKtzRglYKAgJgHoAHH8OONA8gBCakCthJkG_IUsj6oAwHIAwiqBI8CT9CSrlGYJB5wtX8WMplbykrpnRk9mDe4xyoi1zMLzLD8c8R3Kqka2cSZ9pmrUxF2hY3qwMLPT-fo1CZAsArwDtIbkm9AexkuWljvwHkPajGpyvsc1sxqexrSA6fSRQhHMI5flvTwNSBOVtiSXJ_aG15YWYqxkCoGE3cyjHVcwCiMfPwo3V37DIfF4aCS3i8nBfWrZqxZqwrJx3cR-BcJEN0168CnttXQ0W3ZZ8KTR8lhSFOImK1O0OMoZFJD0nUdzbrMwsL5C7GCu02ONfjJE1LUEV9o02Lo0lt8vOWRQl55XrKazIGPItK6hQepQIJK5bqlUgjoNLWlHodKEE0RprP0Gy4ZitJNH1wKBRDokMAEuO-6hs0EiAWyq879TZIFBAgEGAGSBQQIBRgEoAYugAfcg6NyqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQvpaJENIIJQiA4YBwEAEYHzIC6wI6CIBAgICEgIAESL39wTpYspDKjoyUhAOaCWxodHRwczovL3d3dy5tYXpkYS1hdXRvaGF1cy1mcml0c2NoLXJpZWRlbmJ1cmcuZGUvYmVyYXR1bmctdW5kLWthdWYvYW5nZWJvdGUvYWt0dWVsbGUtYWt0aW9uZW4vbGVhc2luZ3dvY2hlbi-ACgHICwHYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItNjI5MTI4NjUxOTg5MTUzMBgA&sigh=qa4YpDJ8qos&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_daIoYLueuQeuLf3Xh6bC2tbCnuxtPjmaDYf1M4G6L6vs7LRV_xqkyCvpXJOuo1fvx8-rw1TB055b7tx8lcXVueQigH7lQ1X1omkYAQ&template_id=419&cbvp=2

Requested by

Host: fr.thptnganamst.edu.vn
URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6291286519891530&output=html&h=600&slotname=8393123936&adk=2363945673&adf=1839787983&pi=t.ma~as.8393123936&w=300&fwrn=4&fwrnh=100&lmt=1707113626&rafmt=1&format=300x600&url=https%3A%2F%2Ffr.thptnganamst.edu.vn%2Fcollecter-151-imagen-coup-de-pouce-orange%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707132492156&bpp=2&bdt=384&idt=344&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7037238405536&frm=20&pv=1&ga_vid=1560754547.1707132493&ga_sid=1707132493&ga_hid=685786161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44809531%2C31080818%2C95320378%2C95320870%2C95321865%2C95324155%2C95324160&oid=2&pvsid=4405783503164113&tmod=1281601973&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=683
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 11:28:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 11:28:14 GMT

GET
H3 200 a470fcb8f1c10c9412b8cfebd672a26c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/ Frame 67C3 13 KB
4 KB 40ms
39ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/media/a470fcb8f1c10c9412b8cfebd672a26c.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d954eef7671f838b9b8b42128b3bce46d5ea641a825deb9ec327822f8b172d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14289654686804707699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Mon, 03 Feb 2025 06:52:50 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 06:52:50 GMT
age: 102924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3850
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 16:48:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D6CB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVrbPTMbAZYfZNYuM1fAPt7mWoAS7nrXQdeXgooz9EdnZHhABIJGKtzRglYKAgJgHoAGSieW7KMgBCakCRMIPqnAZsj6oAwHIA0iqBJgCT9D73_85xfO_Cg7aJF5q0CLJbjRk9TuGQEdBMAA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229642461026144300004%22,%22debug_reporting%22:true,%22destination%22:%22https://meinebank.de%22,%22event_report_window%22:%...

0
0

151ms
70ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229642461026144300004%22,%22debug_reporting%22:true,%22destination%22:%22https://meinebank.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210862806162%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22957666655389775617%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9642461026144300004","debug_reporting":true,"destination":"https://meinebank.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10862806162"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"957666655389775617"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 11:28:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 11:28:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9642461026144300004","debug_reporting":true,"destination":"https://meinebank.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10862806162"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"957666655389775617"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 84ms
83ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466d79c171f507bd95b1164383df105acaef75b8ea53631dde54f723a73b3ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12401
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame B718 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:50:32 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 67C3 51 KB
19 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:50:32 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 170ms
71ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 11:28:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 11:28:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE9C 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 10:38:42 GMT
expires: Tue, 04 Feb 2025 10:38:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C08F 829 B
1 KB 139ms
51ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

843fec503cf8c2a4afa5499badb1f4757309827147cac0a99e60aec1b427df9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ge3v3YqPoAHBoD1wv85L6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ge3v3YqPoAHBoD1wv85L6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 11:28:14 GMT
expires: Mon, 05 Feb 2024 11:28:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame CE9C 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 08:42:09 GMT

GET
H2 200 orange(48).png
www.universfreebox.com/UserFiles/image/ 68 KB
68 KB 229ms
48ms Image
image/webp 51.159.16.19
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.universfreebox.com/UserFiles/image/orange(48).png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.159.16.19 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-159-16-19.rev.poneytelecom.eu
Software: nginx/1.14.2 /
Resource Hash: 1158737a210c9ff803f23317a503235d030b270f5996680423df019f5c59a699

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:14 GMT
last-modified: Fri, 18 Oct 2019 12:43:15 GMT
server: nginx/1.14.2
etag: "5da9b363-10e8a"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69258
expires: Tue, 04 Feb 2025 11:28:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CE9C 0
11 B 39ms
39ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZOGzFg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:28:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C08F 0
0 181ms
181ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=4405783503164113&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 188ms
188ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=4405783503164113&bg=!KyilKGfNAAa8BdJLnAU7ADQBe5WfOLxXZOqXb2drPzzgrSdGAwZwSxZY7wdUf4zpSfn0WjiWIUjRUWkn6bNPlwkPPlCxAgAAAD5SAAAAAmgBB5kC0jTeKQb-xptMEp5j8DcuPU6aHcjIK902EODc_RgCrsy7fwi-QKS3V_jhLifRflkMYQmnxl2ERhM-7HydgS5ZrrWhTE4SRayqofbGvzmLVnmjUP1pfp4afEigahPBExuqgEOCHXBWImSvdl2YnD9Xhd6O_bgHV4En7mJ40tjtxJROU5RBX5ajoTk8YYsvWG8EPymW6nXeunBUSUDPmQeynC-uv3BD-0IfoxmMHMrGJibRCRl25jWcil5NwyBI3yu6C_-kyzBXJefGa9T50rg8wF2-1BHKlPnt2D_pxGI9GTGP1rpuOX4Kf4D7Uze1DhxEA23q74ky3f6piBQgVsPCxKALZW9-jrA4s6ECAVchCUnjk94914Zhtujim-O3ErVlM2qnAK5OgnAvQZJMgj-fMz6P6YeHtIswBMU5Ae6C9Uw3CQxevLDHBoUCbyWvXZhGGoZ1R5gKuTBsFPWANJ7dXB8DZtV149yrItreRbGizGCq0A3iHYkv8vpS_GWho8_S9uVhFc5eskzsb3vyn_HQCVb3lOA_XRuewjFeIVM0H7otbjkoj5SeGEDikCOSk6-Xvjgl79GwFC6EF2ldvlWUkmE2Yo_nNiv9_fiW1NFgOWKmWQkPv4wQcn9Jk8iqvV1Yi37fZougUoeszbqJ9MrqZSj-uReL5S3v69Fxg51kSTg6j1FJFDdvIs0d3ahFk-tUVi6pu2vfNbShre3fAag_PTNol15WjUD2bPly-atQM_kXcIJ7cYOqDF4nC7ytF1LxdfXLUFGX-AGNlnBgrFmpnGuFPRTJ0UaTjY_ZZFDRdvuSXorftkaueXdWEVSY2Nxfof_0M0eqO-JXPwdIm2O9jNiZW5yi9H3JiQcZ6tscEJNtQ8ZT08hw0Yd-laRm1tixWQdIBL4jh34xlDA5v1gp6lZNB6sAwnfzLyhu_k_wU_17nFDFElL2Ic_MFbNTShPOuZL5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D6CB 42 B
64 B 198ms
197ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPD6qUWmnlfeUo1tWtogirqA6h76NMA1Yfq38R7bPZfrSMH_VY728MNOzjO22cEdnP7LY-kNIohU3F9uX7wTcrXeyLyJ6rnzZ5zTs82Yicvd9-syTa8MFOA7vrarJcuTTSLf4NzAime0hO1tXieUMIIquVzb21E7K9&sai=AMfl-YTkhu3j_AEMv-RNVEj5ndLzNbtUjxIfEqM4ppRt20F9hcHcnzRcqfvOc1TOWho0dJSXTktsXSQ2DMINT1AicEvBL3xB8S8iNREvjR3ApMEfhVhu0RbXpaAHMMNEyk6gSoYSerNQxVAd9URps2CV3Q&sig=Cg0ArKJSzBMF6mZXTjTlEAE&cid=CAQSTwAvHhf_dMEnWh6R-gytRWCglq157SGE1OShqx5P8cwCHivn4JIbE5ifbFyP25jUcdUoHn0PB5sTgg-cG_9Qa3uBh9xOwP_gouv31Bn4tqAYAQ&id=lidar2&mcvt=1000&p=0,0,123.98565673828125,1005&mtos=0,772,1000,1061,1061&tos=0,772,228,61,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=306529400&rst=1707132494027&rpt=324&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 11:28:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EA03 42 B
64 B 192ms
192ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9zPegUgUAw1Ws40i8tID93gi1NRTT9hBnOxJtkXhG4qmaGHVJP9zpXVbKi0cxtAbFZSwcDJMkO9_5Cw1jZapA5-CXIQ8dxGYzwrNe2F7iv6-d7zfb5xsM-G-HN7dYuuiZXcBm-GGPQHt9aUDeuKBtZ16qvAhEiyZf&sai=AMfl-YR77KFUOyvfXzAJp5ytMIj0fRuMIiGOwCyM4swSvN4Jn7dpWP28aur89lymgc3r9q_K7mCZftK8X0Jidmi7VliEmeItL8dLL2IEs-QTAWct27vaTFAgFB3vhBN9jNHUfc6iFEvAIhFpT44AlTJbqQ&sig=Cg0ArKJSzATMWDDhk8HvEAE&cid=CAQSTwAvHhf_daIoYLueuQeuLf3Xh6bC2tbCnuxtPjmaDYf1M4G6L6vs7LRV_xqkyCvpXJOuo1fvx8-rw1TB055b7tx8lcXVueQigH7lQ1X1omkYAQ&id=ampim&o=650,250&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1594&tls=2595&g=100&h=100&tt=2595&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 11:28:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thptnganamst.edu.vn/	1970-01-21 03:33:48	Name: __gads Value: ID=d342fa1072078be6:T=1707132492:RT=1707132492:S=ALNI_MYZ4SXPf8cDg9nzb36vHSxxAzhPLA
.thptnganamst.edu.vn/	1970-01-21 03:33:48	Name: __gpi Value: UID=00000d50ad0246e2:T=1707132492:RT=1707132492:S=ALNI_MZoD8rx9NFktFo3pegOPgrXl_utQQ
.thptnganamst.edu.vn/	1970-01-20 22:31:24	Name: __eoi Value: ID=634e93fd94745c11:T=1707132492:RT=1707132492:S=AA-AfjZpmxnbTV8fLWhhQgsqOPGV
.doubleclick.net/	1970-01-21 03:33:48	Name: IDE Value: AHWqTUnUKwscoOJSNfg5ZtraH5-gUUjj1Zt8u_BJ0O6w7gzXxhzJ_jc1z6-yjYWK2xM
.googleadservices.com/	1970-01-20 20:21:48	Name: ar_debug Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tiktok.com/api/img/?itemId=7196607465788607750&location=0&aid=1988 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fr.thptnganamst.edu.vn/collecter-151-imagen-coup-de-pouce-orange/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c0.lestechnophiles.com
cdn.ampproject.org
fr.thptnganamst.edu.vn
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
img.discountmags.com
lafibre.info
lemon.fr
longvilliers-yvelines.fr
lookaside.fbsbx.com
pagead2.googlesyndication.com
pic.clubic.com
play-lh.googleusercontent.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.tiktok.com
www.universfreebox.com
13.224.132.58
142.250.181.226
163.172.169.60
184.86.251.135
217.69.1.34
2606:4700:20::681a:171
2606:4700:3037::ac43:c77b
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2016
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:831::2003
2a03:2880:f084:105:face:b00c:0:3
2a0b:cbc0:10:1af1:b2e::1f0
46.18.231.100
51.159.16.19
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01ec04d785e40d02e2f6acf28bd0140119cfa2be7a16e8b36a525a50392ca652
055486b8ef198b37f47f0cd509ca420d37404f693ab5d8600bf366291f131be7
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
08efd4f60d2e17f9e52a1d93b7ed837ff637f5d83d83658de33f29800a30a9d3
0b9b1b1fb6c228c61ce724c7195cbf7b05886e169c3ea9ce718da37a31847898
0d7dcb3bfd0cd9c9bc997ff12aacb24b7bfd5c150e48230472cbbc9d29a7ea68
10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed
1158737a210c9ff803f23317a503235d030b270f5996680423df019f5c59a699
120c5aae636d76719b193c7f37aa662a5eeecb343011123d22a1b3991b623576
137d5e1f37f7975772d1fda98452d8ca0a95571fcda704ff79a9061bdcba5d56
1d49bb711dc02e9b38889229ecf44072b7c6eb4790fd58e21caf546600f3e608
1e6c3582465c3a1c2930674e7fff860d03816310739b66a4150e9aa1a65e9d79
1fc3fc15c5174ad3cb04edf14be49d28ff88849b52dda7b758bc5600ee8abefa
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
25659b4e63999f25b6e3d4d41c8f3c4c343bb0cdff9e40525972e5e63a968daf
2670a348434e8e215f987b165ba2f836a30346eb98c04983bafb838dd02003d0
2cc247acb74fb69bc236a1cbea40135985687b932a75ccd2e0c804afb82de611
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328621d7eb22f4344032ec841b0eadc2b5aa0e67fb9d3fb4dce821c1937b69e8
363b66673565f4c9dcc3da5f2090ef0e19e3445b32a5efe558cb860e0bf69b04
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
3f5a33801c2430f432473ae8c2dbb94d907f8453627ef4e9b70354b25f7f7cad
3fe26cfb1e8c9978997ae9a362ac62fbfb6f157dfe5dac6796161a0b03765e29
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
452d83f84f3f4bfefc71e3e063a15ab76e1196b43ec5d83d3b10d4f77cf1e27d
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
466d79c171f507bd95b1164383df105acaef75b8ea53631dde54f723a73b3ff3
4dff8c3d96d4a7868037de30b82f7e69843628479444bed5dba9436f87f8cc9d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5405ca68d94de128d658b9e172d95e4341a4e454a6039920e89722fac899830e
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a18281bcc09db662574b14a05aebd4f5199bee55297492b273beb6a762ce221
5f6dda28efaa1b464a7235c7daf800c6c2ab65d4793cd6bfd5102869f93880fa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635e1370bf54ff06e46587b49e35bf077d8690c8f4fc1dd8c3fae7584f401839
636fe79c3b169e6c549d5f6b737595bf0375ead65bd097847f8a15c60a560f95
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
6b628231885a42bc1dd1b9170ff1d7faf1026817f4b3a14b2a4f5f9065e5adb3
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6feca958dfdb3ce992c7ea55747c98a0167d329757e8074cf9493da716a37bfd
7f03b0c69f100c6aacb65b920e8ab1feec9b73853c23521dc220f65f89a5e0f6
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8091888611f7eb943c0c12f70f8bd6c72a8a298382072ce34849bfae8304dd1a
843fec503cf8c2a4afa5499badb1f4757309827147cac0a99e60aec1b427df9f
8529a3d64824ccaafaf911b092af10695a1b5cb787a2eb03d727cdddafad5d4a
85d954eef7671f838b9b8b42128b3bce46d5ea641a825deb9ec327822f8b172d
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8c951a597072dd7d73e9d7218eb09cb7b0eb51bd5bd240650f71f57feecec2e3
8f9d3680de0b0cae7c0000945d283a0e829b9077c514990dbc214ddcc8067c2b
8fc03ac1246b68ac3614b43a19c461bc933ad1f248e138bed9d255b7dcda730d
9406b56e56d0047ecaa50f05b36528c1d9e82c6fe2696596f71a00a8f0e41822
98b861f29fca5d5dd31d4d43e8da45b611607530d0def1ed3a07f12a04a0af12
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a1f2bbe6a7d3e39287bbd274b452555733186e1de4f717319c2703e069bc3fad
adc5d81d8d9a30eeb1d35e9d9902bcce3bb3d4364135af4d7fb9230eeff74a2c
b52bfd72a0a8f321e2f49bd172bcd4f01bf14dde6416317d05ba15e5d1dd8f42
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be13611c2ea038f9f8de85cf650538f4a941efbf289b916066ccb52a2c906b43
c0a956afd12b12845ada6bdd4ae927baae77e82065c4ae37bb431cf4bf58aeb0
c345e24d86a242dc27149a0789797535705a97cde668399f6b10469dddcd3709
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
d2bfdabd94a0e90de8f6681e62f398338a08299812d48fceddd5e7c3e9f1b1e2
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d81e581b18c6bed85968ed9f8d61c54969de5c472ddd52d16d9cabeefc23885c
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe397c575494d03296c765e891ceaf15d9f71598d8e9d06666ef47534d1545
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f1dc84e4ef961b787e21d203ce06521cced0634ae8b6fc41718f3770d7a42c
f340f5a5c9821dbd62c38fc67d755d52bb444541792e136cbcc0e514aa8ae8af
f45a40040919a2718f76c2c9f3e9d9aeed31810ef7a7bd6d35fd8d0bd00d86d2
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f7b9049e6f41be099fd60bd2c16ed1d8ff57ebcd27dc8075412a0373e7524c14
fee13e233a10d5e2a2a028585c2878296a76150a8025700d660fb377fb8b70df
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

fr.thptnganamst.edu.vn Open in urlscan Pro 2606:4700:3037::ac43:c77b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

98 %HTTPS

65 %IPv6

18 Domains

20 Subdomains

21 IPs

3 Countries

2967 kBTransfer

4992 kBSize

5 Cookies

0 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fr.thptnganamst.edu.vn Open in urlscan Pro
2606:4700:3037::ac43:c77b Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

98 %
HTTPS

65 %
IPv6

18
Domains

20
Subdomains

21
IPs

3
Countries

2967 kB
Transfer

4992 kB
Size

5
Cookies

109 HTTP transactions
3 data transactions