212.27.63.113 Open in urlscan Pro
212.27.63.113 Malicious Activity! Public Scan

URL:
http://212.27.63.113/
Submission: On June 11 via manual (June 11th 2021, 4:47:30 am UTC) from JP

Summary HTTP 69 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 9 domains to perform 69 HTTP transactions. The main IP is 212.27.63.113, located in Fresnes, France and belongs to PROXAD, FR. The main domain is 212.27.63.113.

This is the only time 212.27.63.113 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Free (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	212.27.63.113 212.27.63.113	12322 (PROXAD) (PROXAD)
13	212.27.63.220 212.27.63.220	12322 (PROXAD) (PROXAD)
2	212.27.48.10 212.27.48.10	12322 (PROXAD) (PROXAD)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
69	17

1 212.27.63.113 (Fresnes, France)

ASN12322 (PROXAD, FR)
PTR: perso113-g5.free.fr

212.27.63.113	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 212.27.63.220 (Fresnes, France)

ASN12322 (PROXAD, FR)
PTR: hperso-1.free.fr

pageperso.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.27.48.10 (Fresnes, France)

ASN12322 (PROXAD, FR)
PTR: www.free.fr

passback.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

248cfa8be3b7d4738a900cc8114bf27c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4ed2b3291d3efcbdd01071f265dfbf92.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com 248cfa8be3b7d4738a900cc8114bf27c.safeframe.googlesyndication.com 4ed2b3291d3efcbdd01071f265dfbf92.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	128 KB
15	free.fr pageperso.free.fr passback.free.fr	22 KB
10	ampproject.org cdn.ampproject.org	200 KB
8	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	247 KB
6	google.com 2 redirects adservice.google.com www.google.com	2 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	google.de adservice.google.de	975 B
2	googletagservices.com www.googletagservices.com	42 KB
69	9

	Domain	Requested by
13	pageperso.free.fr	212.27.63.113 pageperso.free.fr
11	tpc.googlesyndication.com	passback.free.fr securepubads.g.doubleclick.net tpc.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net passback.free.fr
4	www.google.com	2 redirects tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	passback.free.fr
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.googletagservices.com	passback.free.fr
2	passback.free.fr	212.27.63.113
1	4ed2b3291d3efcbdd01071f265dfbf92.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	248cfa8be3b7d4738a900cc8114bf27c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
69	15

This site contains links to these domains. Also see Links.

Domain
www.free.fr
portail.free.fr
subscribe.free.fr
imp.free.fr
pagesperso.free.fr
dl.free.fr

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://212.27.63.113/
Frame ID: A52B11292254BBBC58B6FA1FBDEEC165
Requests: 14 HTTP requests in this frame

Frame: http://passback.free.fr/pub/pp_300x250.html
Frame ID: AD84A3CE47D3ADC3BF908F548C9F6026
Requests: 10 HTTP requests in this frame

Frame: http://passback.free.fr/pub/pp_120x600.html
Frame ID: 718028C049AC5CDD5794DF39E391CC4E
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 639287218259A94AA061C86E52D332C2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 6A730FFC4AD95E315268EC784FE393B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E65B615DFF0071780C8D0618685FE3AF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: CA10BBE17CFFEA7F79578370CDE89263
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 8043A21099FABF23C1D33B965A26FF8C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25F570ECFB80436F4255C76DAAB1ED98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

69
Requests

74 %
HTTPS

75 %
IPv6

9
Domains

15
Subdomains

17
IPs

3
Countries

685 kB
Transfer

1784 kB
Size

0
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: http://www.free.fr/adsl/index.html
Title: Free

Search URL Search Domain Scan URL

URL: http://portail.free.fr/
Title: Portail

Search URL Search Domain Scan URL

URL: http://subscribe.free.fr/free50h/
Title: Bas débit

Search URL Search Domain Scan URL

URL: http://imp.free.fr/
Title: Webmail

Search URL Search Domain Scan URL

URL: http://subscribe.free.fr/login/
Title: Mon Compte

Search URL Search Domain Scan URL

URL: http://pagesperso.free.fr/
Title: Pages Perso

Search URL Search Domain Scan URL

URL: http://dl.free.fr/
Title: Envois de gros fichiers

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/internet.html
Title: Internet

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/telephone.html
Title: Téléphone

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/television.html
Title: Télévision

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/boutique.html
Title: Boutique

Search URL Search Domain Scan URL

URL: http://www.free.fr/assistance
Title: Assistance

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/accueil/plus-de-20-exclusivites.html
Title: Plus de 20 exclusivités

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/accueil/presentation-freebox-hd.html
Title: Présentation de la Freebox HD

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/accueil/carte-de-degroupage.html
Title: Carte de dégroupage

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/internet/connexion.html
Title: Connexion

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/internet/votre-web.html
Title: Votre web

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/tarifs-telephonie.html
Title: Les tarifs de la téléphonie

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie.html
Title: Services de téléphonie

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/annuaire.html
Title: Annuaire téléphonique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/la-messagerie-vocale.html
Title: La messagerie vocale

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/les-services-lies-aux-appels-entrants.html
Title: Les services liés aux appels entrants

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/les-services-lies-aux-appels-sortants.html
Title: Les services liés aux appels sortants

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/services-de-telephonie/les-autres-services-inclus.html
Title: Les autres services inclus

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse.html
Title: Ligne téléphonique incluse

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse/sans-abonnement-telephonique.html
Title: Sans abonnement téléphonique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse/portabilite-du-numero-geographique.html
Title: Portabilité du numéro géographique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/telephone/ligne-telephonique-incluse/migrer-vers-le-degroupage-total.html
Title: Migrer vers le dégroupage total

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television.html
Title: Services de télévision

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television/acces-a-plus-250-chaines.html
Title: Accès à + de 250 chaines

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television/magnetoscope-numerique.html
Title: Magnétoscope numérique

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-television/services-inclus.html
Title: Services inclus

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-vod.html
Title: Services de VOD

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-vod/free-home-video.html
Title: Free Home Video

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/services-de-vod/autres-services-de-vod.html
Title: Les autres services VOD

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/tv-perso.html
Title: TV Perso

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/television/telesites.html
Title: Télésites

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pdf/fiche-information-standardisee.pdf
Title: Fiche d'information standardisée

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pdf/CGV_Freebox_20080601.pdf
Title: Conditions Générales de Vente

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pdf/brochure_tarifaire_01062008.pdf
Title: Brochure tarifaire

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/signaler-un-contenu.html
Title: Signaler un contenu illicite

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/protection-de-l-enfance.html
Title: Protection de l'enfance

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/free-la-societe.html
Title: Free, la société

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/free-recrute.html
Title: Free recrute

Search URL Search Domain Scan URL

URL: http://www.free.fr/adsl/pages/informations-legales/nous-contacter.html
Title: Nous contacter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 60

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 500
Internal Server Error Primary Request / Show response
212.27.63.113/ 11 KB
11 KB 57ms
46ms Document
text/html 212.27.63.113
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://212.27.63.113/
Protocol: HTTP/1.1
Server: 212.27.63.113 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: perso113-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: b2d16a69731aa34e17a1b99d459ec0d2b679e6ecadca3daf54cbea5f70123fc1

Request headers

Host: 212.27.63.113
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:47:12 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
Connection: close
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK free.css
pageperso.free.fr/im/css/ 6 KB
6 KB 61ms
48ms Stylesheet
text/css 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://pageperso.free.fr/im/css/free.css
Requested by: Host: 212.27.63.113
URL: http://212.27.63.113/
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 72ecae8cfd1e77e78b59072abebc9c1f38ef5205c874307342694ed8be26fa91

Request headers

Referer: http://212.27.63.113/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 08 Sep 2008 14:50:57 GMT
Server: lighttpd/1.4.28
ETag: "14177254"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 6133

GET
H/1.1 200
OK pp_300x250.html Show response
passback.free.fr/pub/ Frame AD84 3 KB
1 KB 65ms
47ms Document
text/html 212.27.48.10
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://passback.free.fr/pub/pp_300x250.html
Requested by: Host: 212.27.63.113
URL: http://212.27.63.113/
Protocol: HTTP/1.1
Server: 212.27.48.10 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: www.free.fr
Software: nginx/1.14.2 /
Resource Hash: 1ec8747e218048f0509f9ab925a516cc44385b804d1d27f63e3f8139aa3eb4fe

Request headers

Host: passback.free.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://212.27.63.113/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://212.27.63.113/

Response headers

Server: nginx/1.14.2
Date: Fri, 11 Jun 2021 04:47:12 GMT
Content-Type: text/html
Last-Modified: Wed, 11 Oct 2017 14:57:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"59de3155-cea"
Content-Encoding: gzip

GET
H/1.1 200
OK pp_120x600.html Show response
passback.free.fr/pub/ Frame 7180 3 KB
1 KB 64ms
47ms Document
text/html 212.27.48.10
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: http://passback.free.fr/pub/pp_120x600.html
Requested by: Host: 212.27.63.113
URL: http://212.27.63.113/
Protocol: HTTP/1.1
Server: 212.27.48.10 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: www.free.fr
Software: nginx/1.14.2 /
Resource Hash: e9edf15f42b6de85435769aa7410dc4ad6efffbcb67db5016d0c475862f16fcd

Request headers

Host: passback.free.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://212.27.63.113/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://212.27.63.113/

Response headers

Server: nginx/1.14.2
Date: Fri, 11 Jun 2021 04:47:12 GMT
Content-Type: text/html
Last-Modified: Wed, 11 Oct 2017 14:57:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"59de3177-ce8"
Content-Encoding: gzip

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7180 62 KB
21 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6392c7619b4b6585380217665b01c62cc632ecdfe955153b586e5eedb2ef0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "899 / 315 of 1000 / last-modified: 1623363152"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21435
x-xss-protection: 0
expires: Fri, 11 Jun 2021 04:47:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame AD84 62 KB
21 KB 37ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

177ebb35a735e9e11c5eb72933843b73e5625ef2dadf80f1a32fefd0817f00d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "899 / 643 of 1000 / last-modified: 1623363152"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21316
x-xss-protection: 0
expires: Fri, 11 Jun 2021 04:47:12 GMT

GET
H/1.1 200
OK bg.png
pageperso.free.fr/im/free2008/ 306 B
540 B 119ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/bg.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: e02b42843aedd3c11ad49fe161d24ca711eb88b02bbd5582321759862b8406bf

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "1482624382"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 306

GET
H/1.1 200
OK logo.png
pageperso.free.fr/im/free2008/ 4 KB
4 KB 120ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/logo.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 83b3b4104d64db388da6f4a07ab0a1b49ca4dd69b3f83e29f005c3237448b117

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "1205849292"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3930

GET
H/1.1 200
OK accueil.png
pageperso.free.fr/im/free2008/ 753 B
987 B 119ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/accueil.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 1c0a4c95a402353a78175b8672d35bd4d9cffcedc2e6739d9c8441c623d04dc7

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Tue, 03 Jun 2008 17:20:32 GMT
Server: lighttpd/1.4.28
ETag: "3260016017"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H/1.1 200
OK internet_active.png
pageperso.free.fr/im/free2008/ 1 KB
1 KB 120ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/internet_active.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 852ef53f85798703dcb67f2c75fdb1b6ec1faaebcdc75ba09b7a697219438e90

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:13 GMT
Server: lighttpd/1.4.28
ETag: "565180604"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1294

GET
H/1.1 200
OK telephone.png
pageperso.free.fr/im/free2008/ 914 B
1 KB 120ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/telephone.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: f47ffd80f76614ac170fecef17a153f992e5ed85091d98a47c16b61fae3e2ff9

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:13 GMT
Server: lighttpd/1.4.28
ETag: "2370582924"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 914

GET
H/1.1 200
OK television.png
pageperso.free.fr/im/free2008/ 925 B
1 KB 120ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/television.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 8572ae3b234174c68c9efc17a0490d1028fe6698ce998dcc3a001a1d69583beb

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:14 GMT
Server: lighttpd/1.4.28
ETag: "3184490891"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 925

GET
H/1.1 200
OK boutique.png
pageperso.free.fr/im/free2008/ 804 B
1 KB 52ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/boutique.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: f02b68452d6d52d6636dad5e49fdf61f82188030f1964429a35bcb6554b4ae8d

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:12 GMT
Server: lighttpd/1.4.28
ETag: "2639227279"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 804

GET
H/1.1 200
OK assistance.png
pageperso.free.fr/im/free2008/ 898 B
1 KB 52ms
49ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/assistance.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 973ad4a473e86e40b39ff83443d0b9fbac7e847248906db91456c80b9781ae27

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 02 Jun 2008 08:22:11 GMT
Server: lighttpd/1.4.28
ETag: "189749644"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 898

GET
H/1.1 200
OK sub-menu-background.png
pageperso.free.fr/im/free2008/ 84 B
317 B 51ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/sub-menu-background.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 7c365b3aaa063df2c5f9fb2c3730e64cb4a4630f124c9e0cdc5741725a21cf60

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Wed, 11 Jun 2008 14:41:06 GMT
Server: lighttpd/1.4.28
ETag: "1747750960"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 84

GET
H/1.1 200
OK textbox-background.png
pageperso.free.fr/im/free2008/ 126 B
360 B 52ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/textbox-background.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 54e37513da06f78172637fb11030de53d01b815e3be37e41566285b5e0f74057

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 19 May 2008 08:55:58 GMT
Server: lighttpd/1.4.28
ETag: "2019549527"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 126

GET
H/1.1 200
OK bg-bottom.png
pageperso.free.fr/im/free2008/ 226 B
460 B 52ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/bg-bottom.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 34ad0a4de1c78a4fab7363d481943e06047c413f4cec790af0a04a1ffda0237c

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "2019493244"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 226

GET
H/1.1 200
OK separator.png
pageperso.free.fr/im/free2008/ 88 B
321 B 51ms
48ms Image
image/png 212.27.63.220
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pageperso.free.fr/im/free2008/separator.png
Requested by: Host: pageperso.free.fr
URL: http://pageperso.free.fr/im/css/free.css
Protocol: HTTP/1.1
Server: 212.27.63.220 Fresnes, France, ASN12322 (PROXAD, FR),
Reverse DNS: hperso-1.free.fr
Software: lighttpd/1.4.28 /
Resource Hash: 10bcb31b67ea338f3bf0b077883eb436ceee5fa58d3c18c056e35387abb28e75

Request headers

Referer: http://pageperso.free.fr/im/css/free.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 04:40:03 GMT
Last-Modified: Mon, 19 May 2008 08:40:45 GMT
Server: lighttpd/1.4.28
ETag: "3996803251"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 88

GET
H2 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7180 326 KB
115 KB 70ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Fri, 11 Jun 2021 04:47:12 GMT

GET
H2 200 pubads_impl_2021060701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AD84 318 KB
112 KB 80ms
45ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

094c1111eeb737673d376e2598c9abfad2c1dadeab91522940bbf5d2ff512a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 08:45:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Fri, 11 Jun 2021 04:47:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7180 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=passback.free.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7180 107 B
570 B 35ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=passback.free.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7180 40 KB
10 KB 443ms
415ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1510357633933230&correlator=221041925808018&output=ldjh&impl=fifs&eid=31060978%2C31061413%2C31061143%2C31061149%2C31061029&vrg=2021060901&ptt=17&sc=0&sfv=1-0-38&ecs=20210611&iu_parts=22336046%2C03_lowcost_pagesperso_web%2Crg_sky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600&prev_scp=pos%3Ddroite-sky%26ad_group%3Dad_opt&eri=1&cust_params=env%3Dprod&cdm=passback.free.fr&bc=23&abxe=1&lmt=1507733879&dt=1623386832512&dlt=1623386832312&idt=177&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=120&ish=600&oid=3&adxs=0&adys=0&adks=837864984&ucis=nzvoesogrsht&ifi=1&ifk=1340665504&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fpassback.free.fr%2Fpub%2Fpp_120x600.html&ref=http%3A%2F%2F212.27.63.113%2F&top=http%3A%2F%2F212.27.63.113%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=120x600&msz=120x0&ga_vid=299616411.1623386833&ga_sid=1623386833&ga_hid=263476640&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3174f177d678536d29de1b7601d9cfbd7d0e4b2ece52629853324141518f71fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10252
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://passback.free.fr
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
248cfa8be3b7d4738a900cc8114bf27c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7180 0
0 45ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://248cfa8be3b7d4738a900cc8114bf27c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame AD84 107 B
122 B 27ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=passback.free.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame AD84 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=passback.free.fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 04:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AD84 47 KB
11 KB 696ms
696ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4476607512726104&correlator=4008771306054322&output=ldjh&impl=fifs&eid=31060783%2C31061433%2C31060413%2C31061143&vrg=2021060701&ptt=17&sc=0&sfv=1-0-38&ecs=20210611&iu_parts=22336046%2C03_lowcost_pagesperso_web%2Crg_droite-ga-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pos%3Ddroite-ga-1%26ad_group%3Dad_opt&eri=1&cust_params=env%3Dprod&cdm=passback.free.fr&bc=23&abxe=1&lmt=1507733845&dt=1623386832547&dlt=1623386832313&idt=211&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=0&adys=0&adks=2165746347&ucis=ju6c7wv1ms19&ifi=1&ifk=3199238668&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fpassback.free.fr%2Fpub%2Fpp_300x250.html&ref=http%3A%2F%2F212.27.63.113%2F&top=http%3A%2F%2F212.27.63.113%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x0&ga_vid=1044331657.1623386833&ga_sid=1623386833&ga_hid=477782664&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

50126733f2dfa9c8fe25098346c79ba0d9f9a98b690f86acd3ee14e8a198231e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10938
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://passback.free.fr
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4ed2b3291d3efcbdd01071f265dfbf92.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AD84 0
0 68ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4ed2b3291d3efcbdd01071f265dfbf92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 6392 191 KB
55 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6392 12 KB
5 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6392 87 KB
27 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6392 4 KB
2 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6392 41 KB
13 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
DATA 200
OK truncated
/ Frame 6392 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 980e6e9c2fa0e8396640a0c8837cf5f8d5cecf7a5169cd90bda167e41a068185

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15312286537614790387
tpc.googlesyndication.com/daca_images/simgad/ Frame 6392 42 KB
43 KB 26ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15312286537614790387

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4469bca16ac6c014f3363b1e4bc1ab5ed2ab2d7c70b8cbdc066e0303a261976d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 08:42:58 GMT
x-content-type-options: nosniff
age: 72254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43496
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 07:20:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jun 2022 08:42:58 GMT

GET
H2 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6392 3 KB
3 KB 26ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 15:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 48561
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Fri, 11 Jun 2021 15:17:51 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6392 295 B
778 B 25ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 22873
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Jun 2021 22:25:59 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6392 0
0 31ms
31ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbYyK0OrCYJmMI8Lm3wPqz5CABMrx0ZZjq8uE4e8NoIeA7JACEAEgyZXZVWD1lc6B4ASgAcj-q6cCyAECqQLC0ww0bkuBPuACAKgDAcgDCKoE3QFP0OFwCB0wfLfOu0ctR3DL-GX4F23wWe5_l0cZqXrrYao-Q9Z1wKnJzKqolg7YS4CgvKAeUpP4UkJYIXAP5lrTTdII64iSsr-8rG1Y0WxIu9iYHIW24tHikO0A6Tw85SVzvj7eTynS62kP1yipIxh8_oSDEPsyznIvZStCNYrzlHLo4M6JSVrgd3MI95Wx1khfWkLDLbj1zWoRMDPmXnD_RYhJe-yxkthRQhjBkg2T-QEto4LyNiWqRO2aBSN0PcytMHm-8h9pRfcrG0Ek1u2lSHFtMPPgXoSshP4iOcAE9pTZ_8MD4AQBkgUECAQYAZIFBAgFGASgBgKAB4D18uIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKvjA9IIBwiAYRABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTQwNzYwMjA4ODgxNTI5Mg&sigh=qZA8vhLuy78
Requested by: Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7180 10 KB
8 KB 37ms
16ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebdc5d6a23759ab37435c08957dca12bf071349d5370140ce99293d4daf11a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 04:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7888
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7180 17 KB
6 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 11 Jun 2021 04:47:13 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6392
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_120x600.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Fri, 11 Jun 2021 04:47:13 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 6A73 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://passback.free.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://passback.free.fr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 11 Jun 2021 00:45:13 GMT
expires: Sat, 11 Jun 2022 00:45:13 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E65B 783 B
762 B 15ms
15ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f36c908d146ae2cf6ad2fc76dd081ee0d2cef54d21efc08d2e5681cf7af634ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7xu8oP0QkbNHI3YDKhCeew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://passback.free.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://passback.free.fr/

Response headers

expires: Fri, 11 Jun 2021 04:47:13 GMT
date: Fri, 11 Jun 2021 04:47:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7xu8oP0QkbNHI3YDKhCeew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A73 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame CA10 191 KB
54 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113821
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CA10 12 KB
4 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113821
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CA10 87 KB
27 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113821
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CA10 4 KB
2 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113821
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame CA10 41 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 113821
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA10 4 KB
713 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 03:37:11 GMT
server: ESF
date: Fri, 11 Jun 2021 04:47:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 04:47:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA10 4 KB
690 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 03:22:52 GMT
server: ESF
date: Fri, 11 Jun 2021 04:47:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 04:47:13 GMT

GET
H3-29 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CA10 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 15:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 48562
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Fri, 11 Jun 2021 15:17:51 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CA10 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 22874
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 11 Jun 2021 22:25:59 GMT

GET
DATA 200
OK truncated
/ Frame CA10 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bdd96e5d76b9fba7fe8c4ad33085070ef51a77248150563f0dd1189c59d9352

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2092226232289745406/ Frame CA10 13 KB
13 KB 107ms
107ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2092226232289745406/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qlmjwmFVcQedKo73USFiGd89_0uFA

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2635f06474290d7d2c42f930cb43751e62032f338538e16b37fea2763aac8c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 May 2019 09:07:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12960
x-xss-protection: 0
expires: Sat, 11 Jun 2022 04:47:13 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1046101055475259627/ Frame CA10 16 KB
16 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1046101055475259627/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qliU8kVkmcE6NX4jLIjS_0bcHLE1A

Requested by

Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86389c59a30e9c3b7ebc3ce2c21649f208bc1b8e7e3d52076736af118d2ac3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 06:28:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 May 2019 09:07:33 GMT
server: sffe
age: 166741
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16098
x-xss-protection: 0
expires: Thu, 09 Jun 2022 06:28:12 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CA10 0
0 33ms
33ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cja-S0OrCYLWzI4XE7_UPxdyUCKqisYJchPLc9-gJ_YHktusCEAEgyZXZVWD1lc6B4ASgAdSRrdQDyAEGqQKArzmbkGu0PuACAKgDAcgDCqoE3QFP0OscSJy8y_UTlgjKi73COXly9GxeU_iGelZgpw73JIV4mPoNEeQMHK_XVRv-1NSH0lJYbamZqnDTjrEhhxlmtCh02dIJ-NRGOOloWczoweaAzisCGWAqcEQa3Tcd6M3cyn0E-Yn600HqAktc_W3WRcZjZv_rTLRoD1xXXJR7_8igvnxSOPi9xOXiIULTK7qrfRHsS1LKjZcdgCKSLzvfLNGwC3CROq57HUJ3lfF_fbC3IpTffc6wKXBUaxFO9dw9YnkhofrnKJLXPlf55nXHnWj1ZG-vRkdTbgeMu8AEr9fL9JUC4AQBkgUECAQYAZIFBAgFGASgBjeAB5Tu0iuoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQiL8X0ggHCIBhEAEYHYAKA8gLAdgTDYgUBNAVAYAXAbIXGgoYCAASFHB1Yi0xNDA3NjAyMDg4ODE1Mjky&sigh=aoTo9MqnRL0&template_id=492
Requested by: Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_300x250.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD84 10 KB
8 KB 38ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a7bde974f0b743c4f4f1a91b5d51d464c7a6f50feb2ceddd7b8df2f6e6f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 04:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8052
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CA10 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://passback.free.fr
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:13:37 GMT
x-content-type-options: nosniff
age: 225216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:13:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CA10 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://passback.free.fr
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:34:47 GMT
x-content-type-options: nosniff
age: 198746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 21:34:47 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD84 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 11 Jun 2021 04:47:13 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CA10
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

22ms
22ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: passback.free.fr
URL: http://passback.free.fr/pub/pp_300x250.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Fri, 11 Jun 2021 04:47:13 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7180 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=1510357633933230&bg=!sbKlsvbNAAY6sG-_OrA7ACkAdvg8Wlep1TTXP0_QM7qFH5rACNo5xp-J4apgP6XF0W2qUxv5K5uUlAIAAACrUgAAACloAQcKAEgp_CvPfYy8zvNhGwG11QIStUao6qiLAzhO6Prp35LEahj-R_OeVGpaW-rYXvkQrGiNDH0vblKmzTvmQysnWOOB7BkGB6hHdjmZAod3UCNB1OAnrH0IBZPHknABxnr8NREv7FiNo4AVfCMvq8M3zY9Zhqfmv-8FXZeVVu5tymBkt3DLBG8y0jFJozIyeGZ5STiAMIxIqhwraiWJL7t4h3KVWrREEXFFJU0c2Cc7ldbcq6IxhRZNXgAGgU-upYXNGejTUrx9kiLIPstGwtmozHrxKTWqCM4wNZ6nBIO_-wenqZKN5AUjkxKVEsBoLHhtNbKiOtZ4YUaRiL9hdjPLhkbCSnRSf4muHEJJcpdZgIrQ60F0HnSmnN328hn1DNThkyXCjw6A80cyDseS69BjmTZx4pimcDm-Ne5sybpJdre_9Oka2gz_L0KKiBE4q99Bq0SAUKFOI7OQQe93oDe8vFX7xa34mG9OWNGmWpr202qedBlmS71G3TZcc718HOyCdEq0HKumVpgsUbgZWWqJk0XY5CiyE_JLHH9LMEuD3cM5tMJGqkPx5ZfL0T1UfWjNZmTNDBVGC0nv7iq7HeClpq2c_XrC-CxwqCvPI_vwPjyAxutnzIp-g7yuGsRuNKs4SUUn82DelxX6Gf6RNsNLIfo4MQ-aXb4lT_SdDMGoVVwyCOlv3C3olzibbcsplT5_3Y9GOLmpLpFQzSkSTp7kE3tVjy4YE6W8kvYBu3DfV8ahXulcTbwmAJQkkhnRjWR4RUTbvScmUCbv9XOoi3fXc9gEwOp3j0pT0yDuNh0ZCX3fF3XkwGRQTYtLhUW7yI3bMdiHohZYJ3N6VQVIn3FEhT-E-CK9ilyex5HMriu2oBn-HgJYhYt6JmzFcS0gf1ltzr47kuEA-jg2ENOvQE-8Yx3elQ9-jsxc3A6ePTYApFTcZQLh9zTQDPMKhpAuM2sXMCRdeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 04:47:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8043 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://passback.free.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://passback.free.fr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 11 Jun 2021 00:45:13 GMT
expires: Sat, 11 Jun 2022 00:45:13 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 25F5 783 B
533 B 24ms
23ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f8c74da878eae41d90dec72f4c003c58625031765a486ee0061afcf9554ba54d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gpBwaN6QA3oIcRKfAh3MqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://passback.free.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://passback.free.fr/

Response headers

expires: Fri, 11 Jun 2021 04:47:13 GMT
date: Fri, 11 Jun 2021 04:47:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-gpBwaN6QA3oIcRKfAh3MqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8043 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 19:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 19:55:10 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD84 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060701&jk=4476607512726104&bg=!PzylPHjNAAY6sG-_OrA7ACkAdvg8WobycVtuj58U3_LTaHdJ7OIHqBiBa69Lkk75Z2DAyBqKdtwyUgIAAABjUgAAAAloAQcKACFPlsdH8C9R9ERqUflOH11wKpfO6Pca260Dg698r9wbcRmZAn4K6W_1muF5i-LBaj1nfp9xZHxioVyAAvn3ACg8hTD7Yn2ZSGJsqxc3Ivtj6ZDySNaI9tEyxkbjpYlR8kEYiBBEMV5xAQDqT5nmmaHFhHETNmu-YhaGa9veKIzU7_uHn4DWu_Xp62DyxpKi4lsFrByGTDxMtYPXkMFje9wou9N2TcKWtstOvJ-yXVlXXT9RfusdrukSUBZrqmDdZbGQlu4W47p-7Pv6qpQbAjgAkzJVT6gaxFt2yFG_Qr73F_NhjHPzmPI42i0l55Z6kR8u2a6NbHt0Z5C-Ukx6bp7gIrXwuXHVQBRkKHeeun6xVbgAcOx60aenZGkb2C0lwlDgTOXla52xPXhwHsr3C9P5ZpRDbfD4dAoDhP2fAjTn_v2OfKJ1uD1x3u6htyeECixO7UWTx8MtxVRUC7ZyoAxmwQHu_3OGAKxj7iD9hMYwV4wnsw3xqk7I8yi-9yX1eF57ZGJTfWTyo_48aAM-xI4ixwv8D7oXJNxd1qo0DVQrdnHHnIB-a-NYfO8G29I51UAYBd3hXL_DCb2-zS79a6JD56bkn4WBPGty_Lqsaf556tPb3JpPpuQ_zo-xNfyCGBfBnB-vXz-Pync1ooMPkxDyn_LQHal8SyODdmHmiaP_v_HSxsT7b61xULzHTtSHKJBt-Wej2vsLtRjmG4oJOaxS48ei_netU2w56wGy3Ncrmgsh2zLIYmUGYyuxgkGQdEacB8u6tX4i31zNmWlWVu-18Si_8ESiON5l5WQGEb73k0BnIRBB0pJtbFqqV9Z-SCUNlAWqwS1f7ZIWUY7YLn46CRRrfkaoIYz65v2tF9pgChoM2kTBH8VUQ5ItUUDvAzewvA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 04:47:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6392 42 B
64 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-7IWQC7SoQdfyGlCjDk1uitSzB8v03mOxurB9xW7WRYPJOzuw0rMQlLTF2PePj4V5egVwzrCx_zs9_DK5F3KvlPTXGjteOfTnyohdwxqrEayu9pZAroGulUs&sai=AMfl-YSeda87a4eujd5jL-ghksbDPXoG9E1__V1Av1QDTYPLoceQl-OjaN8nnkaTn5ozuS05pSbHpjH0TK5q&sig=Cg0ArKJSzFU9WAgpIQsSEAE&id=ampim&o=0,601&d=120,600&ss=1600,1200&bs=120,600&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=53&tls=1053&g=100&h=100&tt=1054&r=v&avms=ampa&adk=837864984

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 04:47:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CA10 42 B
64 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRv1yklmO-RefHjQ7afumZ6wWFpIHsgy9CTy6FbEuxxt3nnt__HJgbcoo0oZv-ANVdk-SXWRZKRsAdtOb8eGS3CUI8jW-z1VzYFdsStdIrq7NMuvbcTLs1iOk&sai=AMfl-YSfIAMCQ_xUYezYXuKsTQrkqijdNhc8NwvgtXyHG5WWBsYoe5uF89jDaYpsdxkf1SnDxZ18P45gn5Cb&sig=Cg0ArKJSzNKqJ8kKRICNEAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=61&tls=1061&g=100&h=100&tt=1061&r=v&avms=ampa&adk=2165746347

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://passback.free.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 04:47:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Free (Telecommunication)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 http://passback.free.fr/pub/pp_120x600.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 http://passback.free.fr/pub/pp_300x250.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

248cfa8be3b7d4738a900cc8114bf27c.safeframe.googlesyndication.com
4ed2b3291d3efcbdd01071f265dfbf92.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pageperso.free.fr
passback.free.fr
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.250.185.66
212.27.48.10
212.27.63.113
212.27.63.220
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
094c1111eeb737673d376e2598c9abfad2c1dadeab91522940bbf5d2ff512a72
10bcb31b67ea338f3bf0b077883eb436ceee5fa58d3c18c056e35387abb28e75
177ebb35a735e9e11c5eb72933843b73e5625ef2dadf80f1a32fefd0817f00d7
1c0a4c95a402353a78175b8672d35bd4d9cffcedc2e6739d9c8441c623d04dc7
1ec8747e218048f0509f9ab925a516cc44385b804d1d27f63e3f8139aa3eb4fe
2635f06474290d7d2c42f930cb43751e62032f338538e16b37fea2763aac8c93
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
3174f177d678536d29de1b7601d9cfbd7d0e4b2ece52629853324141518f71fd
34ad0a4de1c78a4fab7363d481943e06047c413f4cec790af0a04a1ffda0237c
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
4469bca16ac6c014f3363b1e4bc1ab5ed2ab2d7c70b8cbdc066e0303a261976d
50126733f2dfa9c8fe25098346c79ba0d9f9a98b690f86acd3ee14e8a198231e
54e37513da06f78172637fb11030de53d01b815e3be37e41566285b5e0f74057
72ecae8cfd1e77e78b59072abebc9c1f38ef5205c874307342694ed8be26fa91
7c365b3aaa063df2c5f9fb2c3730e64cb4a4630f124c9e0cdc5741725a21cf60
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83b3b4104d64db388da6f4a07ab0a1b49ca4dd69b3f83e29f005c3237448b117
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
852ef53f85798703dcb67f2c75fdb1b6ec1faaebcdc75ba09b7a697219438e90
8572ae3b234174c68c9efc17a0490d1028fe6698ce998dcc3a001a1d69583beb
86389c59a30e9c3b7ebc3ce2c21649f208bc1b8e7e3d52076736af118d2ac3fd
973ad4a473e86e40b39ff83443d0b9fbac7e847248906db91456c80b9781ae27
980e6e9c2fa0e8396640a0c8837cf5f8d5cecf7a5169cd90bda167e41a068185
9bdd96e5d76b9fba7fe8c4ad33085070ef51a77248150563f0dd1189c59d9352
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
b2d16a69731aa34e17a1b99d459ec0d2b679e6ecadca3daf54cbea5f70123fc1
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d6392c7619b4b6585380217665b01c62cc632ecdfe955153b586e5eedb2ef0e4
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e02b42843aedd3c11ad49fe161d24ca711eb88b02bbd5582321759862b8406bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
e9edf15f42b6de85435769aa7410dc4ad6efffbcb67db5016d0c475862f16fcd
ebdc5d6a23759ab37435c08957dca12bf071349d5370140ce99293d4daf11a1f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b68452d6d52d6636dad5e49fdf61f82188030f1964429a35bcb6554b4ae8d
f16a7bde974f0b743c4f4f1a91b5d51d464c7a6f50feb2ceddd7b8df2f6e6f21
f36c908d146ae2cf6ad2fc76dd081ee0d2cef54d21efc08d2e5681cf7af634ff
f47ffd80f76614ac170fecef17a153f992e5ed85091d98a47c16b61fae3e2ff9
f8c74da878eae41d90dec72f4c003c58625031765a486ee0061afcf9554ba54d

212.27.63.113 Open in urlscan Pro 212.27.63.113 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

69 Requests

74 %HTTPS

75 %IPv6

9 Domains

15 Subdomains

17 IPs

3 Countries

685 kBTransfer

1784 kBSize

0 Cookies

45 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

212.27.63.113 Open in urlscan Pro
212.27.63.113 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

74 %
HTTPS

75 %
IPv6

9
Domains

15
Subdomains

17
IPs

3
Countries

685 kB
Transfer

1784 kB
Size

0
Cookies

69 HTTP transactions
0 data transactions