urlscan.io logo urlscan.io
SecurityTrails logo

microsoft-office-business.updatestar.com Open in urlscan Pro
5.35.253.150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://microsoft-office-business.updatestar.com/
Effective URL: https://microsoft-office-business.updatestar.com/
Submission: On November 03 via manual from VI — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 6 countries across 22 domains to perform 208 HTTP transactions. The main IP is 5.35.253.150, located in Strasbourg, France and belongs to GODADDY, DE. The main domain is microsoft-office-business.updatestar.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 14th 2022. Valid for: a year.
This is the only time microsoft-office-business.updatestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 5.35.253.150 20773 (GODADDY)
18 2a01:488:67:1... 20773 (GODADDY)
5 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a02:2638::c 44788 (ASN-CRITE...)
2 2a02:2638:1::17 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 10 216.58.212.162 15169 (GOOGLE)
2 4 104.18.19.126 13335 (CLOUDFLAR...)
2 3 185.89.211.116 29990 (ASN-APPNEX)
2 35.244.159.8 15169 (GOOGLE)
2 23.11.239.181 16625 (AKAMAI-AS)
2 3 185.94.180.126 35220 (SPOTX-AMS)
2 2 18.156.0.31 16509 (AMAZON-02)
2 185.86.139.57 201081 (SMARTADSE...)
4 2a00:1450:400... 15169 (GOOGLE)
8 172.217.16.194 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 74.125.71.154 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
208 38
2    5.35.253.150 (Strasbourg, France)

ASN20773 (GODADDY, DE)
PTR: www.updatestar.com
microsoft-office-business.updatestar.com
18    2a01:488:67:1000:523:fd96:0:1 (Germany)

ASN20773 (GODADDY, DE)
www.updatestar.com
w2.updatestar.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
40    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
18    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.fr
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
partner.googleadservices.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
34    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
cm.g.doubleclick.net
4    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    23.11.239.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-181.deploy.static.akamaitechnologies.com
sync.teads.tv
3    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2607:f8b0:400b:80c::2003 (Naperville, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4007:2d::a (Ireland)

ASN15169 (GOOGLE, US)
r5---sn-25glene6.c.2mdn.net
2    2a00:1450:4001:d::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5edn6k.c.2mdn.net
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
80 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
662 KB
41 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 367
bid.g.doubleclick.net — Cisco Umbrella Rank: 698
427 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5787
csm.eu.criteo.net — Cisco Umbrella Rank: 5892
152 KB
20 updatestar.com
microsoft-office-business.updatestar.com
www.updatestar.com — Cisco Umbrella Rank: 387101
w2.updatestar.com
104 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
100 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
gcdn.2mdn.net — Cisco Umbrella Rank: 1105
r5---sn-25glene6.c.2mdn.net
r5---sn-4g5edn6k.c.2mdn.net — Cisco Umbrella Rank: 373887
2 MB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 118
imasdk.googleapis.com — Cisco Umbrella Rank: 468
163 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
328 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
3 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 134
www.google.com — Cisco Umbrella Rank: 17
2 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 799
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 313
3 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14340
ads.eu.criteo.com — Cisco Umbrella Rank: 5761
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7655
56 KB
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 805
326 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
572 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1604
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 683
365 B
2 google.fr
adservice.google.fr — Cisco Umbrella Rank: 20296
914 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1047
699 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2041
363 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
75 KB
208 22
Domain Requested by
40 pagead2.googlesyndication.com microsoft-office-business.updatestar.com
pagead2.googlesyndication.com
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
34 tpc.googlesyndication.com googleads.g.doubleclick.net
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
microsoft-office-business.updatestar.com
tpc.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
microsoft-office-business.updatestar.com
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
12 w2.updatestar.com microsoft-office-business.updatestar.com
11 pix.eu.criteo.net ads.eu.criteo.com
10 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
7 static.criteo.net ads.eu.criteo.com
7 www.googletagservices.com googleads.g.doubleclick.net
microsoft-office-business.updatestar.com
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
6 www.gstatic.com googleads.g.doubleclick.net
6 eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.updatestar.com microsoft-office-business.updatestar.com
5 fonts.googleapis.com cdnjs.cloudflare.com
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 securepubads.g.doubleclick.net microsoft-office-business.updatestar.com
securepubads.g.doubleclick.net
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
4 s0.2mdn.net googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 r5---sn-4g5edn6k.c.2mdn.net microsoft-office-business.updatestar.com
2 csi.gstatic.com imasdk.googleapis.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 ups.analytics.yahoo.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 imasdk.googleapis.com eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 adservice.google.fr securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 microsoft-office-business.updatestar.com 1 redirects
1 r5---sn-25glene6.c.2mdn.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com microsoft-office-business.updatestar.com
1 www.googletagmanager.com microsoft-office-business.updatestar.com
208 42
Subject Issuer Validity Valid
*.updatestar.com
AlphaSSL CA - SHA256 - G2		 2022-06-14 -
2023-07-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-03		 2 months crt.sh

This page contains 30 frames:

Primary Page: https://microsoft-office-business.updatestar.com/
Frame ID: B8B73F4F6C0E9F1F9B69D60BCB175614
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: B7BB45C188915C1FAD35CC95442668F2
Requests: 1 HTTP requests in this frame

Frame: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDA0F391FC6E56553ECDBC9D009D5F5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&adk=1812271804&adf=3025194257&lmt=1667490505&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158055&bpp=5&bdt=668&idt=353&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7287618061292&frm=20&pv=2&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=375
Frame ID: 0932C0E0BE724B3F6ED72785660BFCC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Frame ID: 71638108734670B552DE16500C496F17
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Frame ID: 2CFE996FE1325C672DF4C560694309D2
Requests: 26 HTTP requests in this frame

Frame: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F026EFC227D6053740E4BABDDE333FEE
Requests: 14 HTTP requests in this frame

Frame: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2AA5BE80A26B899237CBCFEFC285365C
Requests: 14 HTTP requests in this frame

Frame: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20935409D2BA8F130D311B69368F665C
Requests: 1 HTTP requests in this frame

Frame: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6CA7C4BE0A863DB634AF5520D0B9B41E
Requests: 1 HTTP requests in this frame

Frame: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3CEB09E2C2B726890D28399EA50D949F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7275BAD70AB43E03C5F0794D0D2A0A8D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 73E701B81B3FA1B453E219A84D1D09CA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNXs_P-l_Ne3WQ1eWyzF52-HA3-LS5nUTtlx99QhHzyhs7yEdNfQH_AzOHae5FOr2i5mWbLKFJCc03jljdx-X182YcSX8Q5Gp1OCq4RAPXRVzq6ocHD6WK_a_FI2JamTBKndpWe2SWwDL-gn--mA5eEm5ibJjdvYPK9xV2Eoel3dU0OErEY
Frame ID: 20180E1A12945D8681BE20EED56DDC8A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Frame ID: 276DDE0CE8EEA3972858AF67C881DCB6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi99-HWATAB&v=APEucNXeSw2EXsi97dlFlKOL0SkjuVLoEbdm66E-53UnF745_uBApl4sq9SJTwtqpS7yT60bjv8iKNjU9__JrJSTVUxEQoKoIaMRMZ0zCmOLaqPTstLpZd4GXrxuwhM3Bh86_xomtgKM0R2UVVxtls9f4-KQs8Zgr5TeBh0djcXr7Bn1bjmSY8A
Frame ID: F265F18B6BB487F09E380749289CF8DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNUV764CP8rHPirHvnOuIPY4nzND2KVYmCcLuE0cRZCdPBwSnjYSpphcoHV9nzRLgFEaMhI3DEMkJDkj_9oRlXwdJB9K2pDOvxSsPTBP3iHyMvRBUnGEpaKxn-DKFR1ypF2z6R1v_Sap37Y3CCNgR6Yr-iqT532l5fZw-xudKymH3JHDELI
Frame ID: 23E9F6546302EB5DF14B4470A51ECD85
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Frame ID: 395828E2A85C309A92984FE7C7F31B26
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxij8d7KATAB&v=APEucNW9XYr_Ubx8wh5oJbUB9JB3y2SdeNXQxJUhMG6FXIZTXtHuirmPV-cUNlEZtjHs-nvnM82vXaOKwcnTD7sKu4eAZvbX73E_Lwp4re-fMY1xPjm53jzUDNxCjnJm2srWL4rQ6n0cegYjMHzTyLrd-7GFhZGCJU8cue-DfZ5P9GDG2lZf3F8
Frame ID: C4491D9EEEBA068277FB451291736FD5
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 03BAD7D6F8150A51870EDB7243E0B84C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D5741C0A03C33A29BC00CB466581A12
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E383ACB1B48062E5A53F4F71CCF9D05C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE875B200027BCF6FCA5C891AE7B660F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D3AB3EFE397F42660A9D18E22E1D055
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 70A526BE59817A22C39CD761F0F39E78
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 084F5D2EDF9610FE8EDFB99540054489
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 60D3CE51CEDD377775904EC9D5FBCB1A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9E36E91164F5822625F670F6594E9BA5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89A574202061AA7673067315D7451349
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE124A39BE869E428D0DECD792D56849
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft 365 Apps for Business 16.0.15726.20174 - Télécharger

Page URL History Show full URLs

  1. http://microsoft-office-business.updatestar.com/ HTTP 301
    https://microsoft-office-business.updatestar.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

208
Requests

95 %
HTTPS

70 %
IPv6

22
Domains

42
Subdomains

38
IPs

6
Countries

4399 kB
Transfer

8080 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://microsoft-office-business.updatestar.com/ HTTP 301
    https://microsoft-office-business.updatestar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
Request Chain 120
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2PxEPaFEwvTS1TvBjjL0gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEITokCFHYLMXyVvULIOvOHQ&google_cver=1
Request Chain 122
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxMDM2NzMwOTk1MjEwNzg2
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA20IOEgW5fLu-beu0Q0a6o&google_cver=1
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMFkUKt38Z-5BPcEsWeWxrA&google_cver=1
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFtGoesuQA9ipCOMQEVM6M&google_cver=1
Request Chain 128
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=769b77df-5b97-11ed-8747-17f3d7a10106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzY5Yjc3ODMtNWI5Ny0xMWVkLTg3NDctMTdmM2Q3YTEwMTA2
Request Chain 129
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TM1ZEeXd0RTJ1RzRvWC54QmFvVUJPR1N3RW1OZ0hHZH5B
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELtBGSIh0tX8zEmQAvyzRiQ&google_cver=1
Request Chain 183
  • https://gcdn.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B510B53F44F9A8AE6EA0F5D4714DD300A480C7E5.0F9766ED1FA44A2432FE17CE5700404A6D6AC84C/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E23D4D98B42327FCFCDF7E89AEE03887F3A241C.5033F4AC542174F2727F76A4EC3AD9812725F088/key/cms1/cms_redirect/yes/mh/pg/mip/2001:41d0:8:d154::15/mm/42/mn/sn-25glene6/ms/onc/mt/1667493747/mv/u/mvi/5/pl/52/file/file.mp4 HTTP 302
  • https://r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/089FA6E2CF1123A161964DAC41A6F626377615EE.484869E971F5ADA148F3483D04056F34EF747C30/key/cms1/mh/pg/pl/52/redirect_counter/1/rm/sn-25gk676/req_id/5520b9fe3ef9a3ee/cms_redirect/yes/mip/2001:41d0:8:d154::15/mm/34/mn/sn-4g5edn6k/ms/ltu/mt/1667493907/mv/m/mvi/5?file=file.mp4
Request Chain 185
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

208 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
microsoft-office-business.updatestar.com/
Redirect Chain
  • http://microsoft-office-business.updatestar.com/
  • https://microsoft-office-business.updatestar.com/
118 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
5.35.253.150 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
www.updatestar.com
Software
/
Resource Hash
86dcceec31f1bcbb21af6ff917e9dbd1d377dd881053f0b0b9cc5b7f5652e0c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
public, max-age=1800
Content-Encoding
gzip
Content-Length
17875
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 15:48:25 GMT
Expires
Thu, 03 Nov 2022 16:18:25 GMT
Last-Modified
Thu, 03 Nov 2022 15:48:25 GMT
Vary
Accept-Encoding

Redirect headers

Content-Length
166
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 15:48:24 GMT
Location
https://microsoft-office-business.updatestar.com/
icomoon.woff
www.updatestar.com/fonts/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.updatestar.com/fonts/icomoon.woff?mv55hb
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
38fd859bcbbd6cfac90958b3ec0ffe155f5eee9dd8a2f58f934d3cb41d97b924

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Origin
https://microsoft-office-business.updatestar.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Dec 2019 15:15:20 GMT
ETag
"0b46378a3aed51:0"
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2863
bundle.min.css
www.updatestar.com/css/ 		137 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.updatestar.com/css/bundle.min.css?v=5bea96fa17d8d7913bcff38bb2d92b8b
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
6e16cbeacdbd2d1154e8249a41bc885b3778aece5429cf3f619a9d3b71175a35

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Mar 2022 16:58:08 GMT
ETag
"090a4868d2dd81:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
22272
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5b2fd39bdb783e805302f639a8e0ec6c5e0ba2d87c7b6c9cbf79625390556e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27454
x-xss-protection
0
server
sffe
etag
"1382 / 872 of 1000 / last-modified: 1667473691"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 03 Nov 2022 16:49:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		169 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd4da38f2df67c01c56838481ccaebc0e1a2436c8d008eb95f7783584f0ddaa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55214
x-xss-protection
0
server
cafe
etag
7427791329538697536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 16:49:17 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QYZVPCNV1D
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d24b65bbe60e751d56cd5561d56bda0baf0a84b47957ba1237271532878d9188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76561
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Nov 2022 16:49:17 GMT
uslogo.svg
www.updatestar.com/img/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.updatestar.com/img/uslogo.svg
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
20eead7e17d56b571a5ee1cf2d1c7f6ca79bc672fcd01b6e2273a3ec8973033b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 May 2021 16:43:21 GMT
ETag
"80dab23c4e52d71:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
4905
2338511.32.png
w2.updatestar.com/img/icons/ 		504 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2338511.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
97e6fbc2a0d1d4af14842e2bff4fa67c9a64f9ba643ba2e65b9477715d3ce954

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Thu, 09 Feb 2017 00:08:10 GMT
Accept-Ranges
bytes
ETag
"6222f996882d21:0"
Content-Length
504
Content-Type
image/png
2360255.32.png
w2.updatestar.com/img/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2360255.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
c105fbbcff50f532580c7e4802dadcd6f1c6cc3ee3e34b848fcf86ebd03e3277

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Wed, 30 Aug 2017 05:05:58 GMT
Accept-Ranges
bytes
ETag
"b76a97aa4d21d31:0"
Content-Length
1429
Content-Type
image/png
1382837.32.png
w2.updatestar.com/img/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/1382837.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
842fc321bc4cc37a8919759306f1a77b8bc6faae049dc9cf3298e84df2e66de3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Tue, 10 Jul 2012 15:49:17 GMT
Accept-Ranges
bytes
ETag
"89e81b90b35ecd1:0"
Content-Length
1418
Content-Type
image/png
2280952.32.png
w2.updatestar.com/img/icons/ 		863 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2280952.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
3f388f193f2e7d528ea130c38e8425e561be88f16fcac481dabcd9738a7cc571

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Mon, 08 Aug 2016 23:09:43 GMT
Accept-Ranges
bytes
ETag
"687abef2c9f1d11:0"
Content-Length
863
Content-Type
image/png
2204504.32.png
w2.updatestar.com/img/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2204504.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
499bb7eeb6b3a01d37071e443f1414aaf5a5d35c145a2dab90f45781778ab6ce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Wed, 11 Mar 2015 00:05:38 GMT
Accept-Ranges
bytes
ETag
"643d3b1b8f5bd01:0"
Content-Length
1291
Content-Type
image/png
2465418.32.png
w2.updatestar.com/img/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2465418.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
4de6460a419b14ffc39848c6e2679107855ae005eda7e4ed2b9793c4174e7b8f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Thu, 22 Oct 2020 00:26:12 GMT
Accept-Ranges
bytes
ETag
"c03df4f19a8d61:0"
Content-Length
1768
Content-Type
image/png
355293.32.png
w2.updatestar.com/img/icons/ 		465 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/355293.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
b9871a9b138517d6cd4d90f3c124f62a93425616ef0ca93cd11868dcdba249e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Tue, 10 Jul 2012 18:13:58 GMT
Accept-Ranges
bytes
ETag
"80661c6c75ecd1:0"
Content-Length
465
Content-Type
image/png
1928840.32.png
w2.updatestar.com/img/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/1928840.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
de63a2d85245b9516200c6006fa2590d85504b53dbfaa856c0f09e005d81b093

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Tue, 10 Jul 2012 17:23:40 GMT
Accept-Ranges
bytes
ETag
"f7e981bfc05ecd1:0"
Content-Length
1571
Content-Type
image/png
2236023.32.png
w2.updatestar.com/img/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2236023.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
434b7e0b584be009c25195884993832ed966bed05cae50f0eb0208b0776b2051

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Sun, 23 Aug 2015 23:01:54 GMT
Accept-Ranges
bytes
ETag
"7ebc3bb4f7ddd01:0"
Content-Length
1385
Content-Type
image/png
1988109.32.png
w2.updatestar.com/img/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/1988109.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
4b035ca8208aad679ae8c9985f6611bebbce7f7f95b243c141e94f6f58b072a5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Tue, 10 Jul 2012 11:00:11 GMT
Accept-Ranges
bytes
ETag
"71b7582d8b5ecd1:0"
Content-Length
1351
Content-Type
image/png
2434529.32.png
w2.updatestar.com/img/icons/ 		951 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2434529.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
f67d561d5b6be5ff2e22d7bb5274491524614f655eef3d4635627b1a79c2d47a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Tue, 21 Jan 2020 00:07:10 GMT
Accept-Ranges
bytes
ETag
"057d1b9eecfd51:0"
Content-Length
951
Content-Type
image/png
2371184.32.png
w2.updatestar.com/img/icons/ 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2.updatestar.com/img/icons/2371184.32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
1f7a426a3a38ae195e1d0bd7504788282ea2cc4524f45490f88a76ac7048bf96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:26 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 15 Dec 2017 00:08:29 GMT
Accept-Ranges
bytes
ETag
"4cce68d63875d31:0"
Content-Length
891
Content-Type
image/png
us32.png
www.updatestar.com/img/ 		465 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.updatestar.com/img/us32.png
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
bdcc0895910efb7613d6b32a61ddd3a0ea248d74c871b9e12e6cfd674130902d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:25 GMT
Cache-Control
public,max-age=31536000
Last-Modified
Sat, 01 Mar 2014 12:41:49 GMT
Accept-Ranges
bytes
ETag
"80e419d4b35cf1:0"
Content-Length
465
Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 16:44:17 GMT
main.min.js
www.updatestar.com/js/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.updatestar.com/js/main.min.js?v=9274c21127d4d657506b3661b932862c
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
3728c4200575ae429059881bd337d80412973989b3d9dcac88323dd8696bebe6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Mar 2022 16:58:08 GMT
ETag
"090a4868d2dd81:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
15899
bundle-dark.min.css
www.updatestar.com/css/ 		150 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.updatestar.com/css/bundle-dark.min.css?v=fb0807a66a330bdbff8e757389df1781
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2a01:488:67:1000:523:fd96:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
/
Resource Hash
cd7e155cc1a97d339ee280ca2b48faf49066403eb3a83956acdd797a1783032f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 15:48:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Mar 2022 16:58:08 GMT
ETag
"090a4868d2dd81:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
23027
pubads_impl_2022103101.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19c22b759f0237ac8507dd5377ed3a965a858bb76a115263a303fefdec060b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 17:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130899
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Nov 2023 17:13:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		122 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=microsoft-office-business.updatestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21388759ea0ee9cbe63da8a7d89ced01ebb2977c2ec178cc1f2936d3c4e46985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
expires
Thu, 03 Nov 2022 16:49:18 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de6e5a5ffa0f7ea0c95cc7035fd642f2254368b814aed377ae3dd99d5eaa46d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118918
x-xss-protection
0
server
cafe
etag
6907702179910370017
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 16:49:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame B7BB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
81814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 18:05:44 GMT
etag
2424782735605397694
expires
Wed, 16 Nov 2022 18:05:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
363 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QYZVPCNV1D&gtm=2oeb20&_p=2143820765&cid=47254813.1667494158&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667494158&sct=1&seg=0&dl=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&dt=Microsoft%20365%20Apps%20for%20Business%2016.0.15726.20174%20-%20T%C3%A9l%C3%A9charger&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QYZVPCNV1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://microsoft-office-business.updatestar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=microsoft-office-business.updatestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=microsoft-office-business.updatestar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		140 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3114586240850031&correlator=4465704609769691&eid=31070681%2C44775318&output=ldjh&gdfp_req=1&vrg=2022103101&ptt=17&impl=fifs&iu_parts=1032860%2CDetail_Left_Top_WideSkyscraper%2CDetail_Center_Top_Leaderboard%2CDetail_Right_Middle_MediumRectangle%2CDetail_Right_Bottom_MediumRectangle%2CDetail_Center_Bottom_LargeRectangle&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=160x600%2C728x90%2C336x280%2C336x280%2C336x280&ifi=3&adks=2459160219%2C54240663%2C1989851401%2C3518012090%2C132238113&sfv=1-0-38&cust_params=Product%3Dmicrosoft-office-business&sc=1&cookie_enabled=1&abxe=1&dt=1667494158284&lmt=1667490505&dlt=1667494157388&idt=833&adxs=191%2C392%2C1046%2C1046%2C517&adys=527%2C136%2C537%2C837%2C1835&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&frm=20&vis=1&psz=211x990%7C1058x90%7C440x1644%7C440x1644%7C617x2120&msz=160x600%7C728x90%7C336x280%7C336x280%7C336x280&fws=512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7298f3997759c168d5d1240f015797e41aa06a61432300f0b42a51f64755ce56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42718
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://microsoft-office-business.updatestar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDA0 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:18 GMT
expires
Fri, 03 Nov 2023 16:49:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		395 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=microsoft-office-business.updatestar.com&callback=_gfp_s_&client=ca-pub-4118765744455397&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88c4e0a58229c56adbd606848940a072becd8c975428840f50e3c6a662ddf080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0932 		269 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&adk=1812271804&adf=3025194257&lmt=1667490505&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158055&bpp=5&bdt=668&idt=353&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7287618061292&frm=20&pv=2&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0870afe7927eb83f3cf2479613d4e571e584e2e154220da4c5a324fedb5b2d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
68742
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:19 GMT
expires
Thu, 03 Nov 2022 16:49:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7163 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f24bc52297f0b66cf12c25136e775b2a15d7494ce6853074f93adf5d6bdd78a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9804
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:19 GMT
expires
Thu, 03 Nov 2022 16:49:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 7163 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 7163 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7163 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7163 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiR7ODvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTuAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqM7WCLExSD5drnlfHxCUgIpimQNl5G6iWc1ogopXBcfCagre3AgT2ABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDExODc2NTc0NDQ1NTM5NxgA&sigh=e878k6MMghI&uach_m=[UACH]&cid=CAQSGwDq26N9QAS48QPYD9RLqdzR41UmPKBj9XjyMBgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 03 Nov 2022 16:49:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 03 Nov 2022 16:49:19 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7163 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOftFMD6RMsEmAKdg2ICAgAAALxBEx_cCYQyEA7xY2OV022-chP5xChBWgASAAA&wp=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
233281
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2CFE 		199 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f14f353561ee2a5c0bb0dcc7f70201c5e92d22749122f1880df3b44dbd00e7ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZJ6-nKvIoenLm6Z0CL9wdw-S361y2Hym0FI4AF7mAnyQ0MY1vGOwsfTqEKr21kbfACrzz72Slcs9GqqEJFn2UuzO0nTSGTiVvvX13bg3ogH73XV6Kq_W_3hF1Iw5ne1EaXKWTSOz53ybSSx8TZwYe_AjhfTCLvJW3OgKHDKKvVL0bdTs_WO7_hmN_a9PVjFpZcgIdR6ZQ4XWZfb06BAjUQJlIf4vs92bAdU57uFlLKC8K_mAUPgi8mAYGSUv4fUZbsSEhw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
162408801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 7163 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
269f2ddaa86e3a5b1fa214679d09569f1de6234f7ccd4c801fb699d06861bd1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2CFE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 Oct 2023 16:49:20 GMT
adchoices_fr.svg
static.criteo.net/flash/icon/ Frame 2CFE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_fr.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-75e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 Oct 2023 16:49:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2CFE 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 29 Oct 2023 16:49:20 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2CFE 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 29 Oct 2023 16:49:20 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 2CFE 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0uKzC8pGdVdUFK3Aoh9333cXwbw6EjCww600gz4mWT_pXwcaEkixJcHZFQU78DOePNc-tcIgTEJCNYMlbo2nDxPf_0TYJWjIyeo_ps4MEfrCc3rdf1wc_JhXAtFUuHIJNNXwgQa2Oh6XuuFbHsDHjuuBlmUajpnVJQZkYj3Nxb21SBN-mNqxL4-YtHSGwy4jMenfdIlmdkwsROq_YLBqxeLrusjM6dnotnSNK23HTBEmjPse1Yu-jUB1CxyANzJB6bzZ2fmEyHDck24yxhPU-yWhPklad3qMEb89iFbX33TiKxkLoJBXfXJLk9ZVEvRqroSXjiTAVRceEuC-_laxEyfU23VG9hO_m14HvufxX2TjXSvwzjs9KbzVZoOkEBnBHvYDig4aPJd1uuEySUe7fxk8Y5v-jb55wh_YXgmw2eU7m2CG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4083019
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2CFE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
600960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeoeuVabXkEGY2Fy3MYaYA5FjyWwFoVEJNAJTit8umXuNI41PVnl5tJ%2BXvjYRtowHkDgweEj4H7aur0QCyMf%2BJ3c55Ft1JywOAHVx%2FJblzsdo9iOtCIkiqvd5FDAOTdNCDH0H39BivCCQ9KGKedi%2Fjje"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76469a44aae1d2e1-CDG
expires
Tue, 24 Oct 2023 16:49:20 GMT
animejs.js
static.criteo.net/animejs/ Frame 2CFE 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 Oct 2023 16:49:20 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=64440&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F64439%2F210127%2F6a622fe82df14bc2becda9018a610165_logo_n_square.png&v=3&w=196&s=kBPu0kAsR02E5zU6Co3n5Hql
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
620751d88f63f8cf16cf8672ab8c888c890592dd00365251c97924f1e88ffe0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29086281
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15489
expires
Fri, 06 Oct 2023 08:20:41 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2FDiscord_173.jpg&v=3&w=800&s=JpvfEPQ-FAfLbEenS4gtobL0&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6848765e662841c465d9d9b69c5051d383efe168230eb260fa52518f714b745f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=36808
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3810
expires
Fri, 04 Nov 2022 03:02:48 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2Fbli_1_2.jpg&v=3&w=800&s=UOnoUHjmjIKCheK43acfPd6g&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3aa6ded63388165ecc595833f92cb3b5763405b7b8d384cacf20ab375daf1752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2644008
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3946
expires
Sun, 04 Dec 2022 07:16:08 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2Fmmm_271_3_1_2_1.jpg&v=3&w=800&s=I0xs5V7zveSlAd0iVJAdSX-F&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f76e3b03ff630176e4c3d53a7c1523e5bfbb774e95bd7c33356d8b8e52b95161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1878087
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43816
expires
Fri, 25 Nov 2022 10:30:47 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2Fnetflix100tr.jpg&v=3&w=800&s=jyE5i4GspT9BN7XvKC2CaQNz&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ea8828e12c2ab94be69e35c50ae78f4d58a9b5e7b87eb477a4fc17daa6714fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2636110
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4012
expires
Sun, 04 Dec 2022 05:04:31 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2F5gamdom173.png&v=3&w=800&s=5JwX4CL_ShNwVW6LmAfTFFUd&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6eca3a6f04f80dd3903887baf08e3e2bde5d3bef08a3ea803838de3c6f8e26c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2639715
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13268
expires
Sun, 04 Dec 2022 06:04:35 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fimages%2Fproducts%2F_fortnite_harley_main-173.jpg&v=3&w=800&s=1POyJQfVnF7zpf1xb37W5y_N&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5262e59e345004d6b323e0527c41b00ecd2b678b254747010fc9cf81910f3ead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2634318
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12544
expires
Sun, 04 Dec 2022 04:34:38 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2F50gamdom173.png&v=3&w=800&s=0QXdfKtEjCZTSs4ytZ3YNdZ-&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ed333f250f45be34a8b4006679e9316e4443ff29d87abb8e73528b9e3d2f84de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=33989
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13299
expires
Fri, 04 Nov 2022 02:15:49 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fimages%2Fproducts%2F_TransCash_100_eur_173.jpg&v=3&w=800&s=25ytajx6AfvRO00MErKxDfFu&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
adce77ec710f232a8fa60a03ef8326fc860af3b5f4691ba6436083bd0a478d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2307956
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12212
expires
Wed, 30 Nov 2022 09:55:17 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2FCOD-MW2--small_3.jpg&v=3&w=800&s=KPn6BaW_pXPEWUny49MmAgzh&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a8ff92f96c6cecb20ff4a2de5860d5d937dd12e05caa772614dcd1455b6ba165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1238455
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4426
expires
Fri, 18 Nov 2022 00:50:15 GMT
img
pix.eu.criteo.net/img/ Frame 2CFE 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=64440&q=80&r=0&u=https%3A%2F%2Fstatic.kinguin.net%2Fmedia%2Fcatalog%2Fcategory%2Fcache%2F1%2Fimage%2F9df78eab33525d08d6e5fb8d27136e95%2F10gamdom173.png&v=3&w=800&s=40-RfaFYqMwR3KeL1X4E4UHd&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
eb99787a26cec944a941c710b26e2f38a93fdd1f315be3981b1d4358b788aa56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=2624481
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13225
expires
Sun, 04 Dec 2022 01:50:41 GMT
all
csm.eu.criteo.net/ Frame 2CFE 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZJ6-nKvIoenLm6Z0CL9wdw-S361y2Hym0FI4AF7mAnyQ0MY1vGOwsfTqEKr21kbfACrzz72Slcs9GqqEJFn2UuzO0nTSGTiVvvX13bg3ogH73XV6Kq_W_3hF1Iw5ne1EaXKWTSOz53ybSSx8TZwYe_AjhfTCLvJW3OgKHDKKvVL0bdTs_WO7_hmN_a9PVjFpZcgIdR6ZQ4XWZfb06BAjUQJlIf4vs92bAdU57uFlLKC8K_mAUPgi8mAYGSUv4fUZbsSEhw&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 03 Nov 2022 16:49:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2CFE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 Oct 2023 16:49:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2CFE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 Oct 2023 16:49:20 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/reactive_library_fy2021.js?bust=31070664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a938387de5798d40c10411a056ab3a7d3a03986505081a3174e43e391bd7eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52160
x-xss-protection
0
server
cafe
etag
10976906834025014594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 16:49:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-4118765744455397&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2CFE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1afbf02ff203dd3afa888e73449b44a0ce303f21ece8ee6e8277ec354cc1d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 15:04:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 16:49:20 GMT
container.html
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F026 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:18 GMT
expires
Fri, 03 Nov 2023 16:49:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2AA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:18 GMT
expires
Fri, 03 Nov 2023 16:49:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2093 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:18 GMT
expires
Fri, 03 Nov 2023 16:49:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CA7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:18 GMT
expires
Fri, 03 Nov 2023 16:49:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CEB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:18 GMT
expires
Fri, 03 Nov 2023 16:49:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-4118765744455397&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=microsoft-office-business.updatestar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=microsoft-office-business.updatestar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 7275 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
79136
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 18:50:24 GMT
etag
2424782735605397694
expires
Wed, 16 Nov 2022 18:50:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 73E7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4118765744455397&plah=microsoft-office-business.updatestar.com&bust=31070664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
79136
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 18:50:24 GMT
etag
2424782735605397694
expires
Wed, 16 Nov 2022 18:50:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 2CFE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 01:24:32 GMT
x-content-type-options
nosniff
age
55488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 01:24:32 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 2CFE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 22:18:51 GMT
x-content-type-options
nosniff
age
153029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:18:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 3CEB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 10:37:58 GMT
css
fonts.googleapis.com/ Frame 3CEB 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:54:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 16:49:20 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 3CEB 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 12:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 10:41:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 12:53:08 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 3CEB 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 21:09:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126916
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 10:41:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 21:09:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3CEB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2018 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNXs_P-l_Ne3WQ1eWyzF52-HA3-LS5nUTtlx99QhHzyhs7yEdNfQH_AzOHae5FOr2i5mWbLKFJCc03jljdx-X182YcSX8Q5Gp1OCq4RAPXRVzq6ocHD6WK_a_FI2JamTBKndpWe2SWwDL-gn--mA5eEm5ibJjdvYPK9xV2Eoel3dU0OErEY
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:20 GMT
expires
Thu, 03 Nov 2022 16:49:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 276D 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
118f645cb55a728dcf16084643e5612881b10e9791baa656344baf2b0c6b4a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30675
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 276D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 276D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 276D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 276D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtDsKQkPL7NMBtH9pC3OC_rAbwbLIvS-21q7hTZ2BeaETcSq092g0qv08Yizc3kCYETYt0s_oD3WIhQKh33pCXo7EbT4g0PgynEEptKW-MDQmz3oE
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F265 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi99-HWATAB&v=APEucNXeSw2EXsi97dlFlKOL0SkjuVLoEbdm66E-53UnF745_uBApl4sq9SJTwtqpS7yT60bjv8iKNjU9__JrJSTVUxEQoKoIaMRMZ0zCmOLaqPTstLpZd4GXrxuwhM3Bh86_xomtgKM0R2UVVxtls9f4-KQs8Zgr5TeBh0djcXr7Bn1bjmSY8A
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:20 GMT
expires
Thu, 03 Nov 2022 16:49:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F026 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2f6796da5d4ebe95437088d0dd52824d9dacd9330bb46e171219d2658b184d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30685
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F026 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BygX6PineXpWf8ytG7xKpuwDZ98_RM59cHDByMkM4iOIgzTeCPrXVXE4CefPXj9uGhnOHXq0GmZXVJwN5kuwBG5BGib1AU0JTLAL0tzVCtwMRayLs
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F026 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F026 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F026 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 23E9 		466 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNUV764CP8rHPirHvnOuIPY4nzND2KVYmCcLuE0cRZCdPBwSnjYSpphcoHV9nzRLgFEaMhI3DEMkJDkj_9oRlXwdJB9K2pDOvxSsPTBP3iHyMvRBUnGEpaKxn-DKFR1ypF2z6R1v_Sap37Y3CCNgR6Yr-iqT532l5fZw-xudKymH3JHDELI
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:20 GMT
expires
Thu, 03 Nov 2022 16:49:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3958 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947fbcfc93e3daf7cc980dbaf7a27eb33a3b3c18f0bc113370aadc02ed32031a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30784
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3958 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3958 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3958 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3958 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BT3Fg1iDm7M3gzr6Kqs9UZFLLEYM5qVl1yBgiucXJHypQdovT8G7ewJffNq57vFEWh1vkc-mZxiRjO5FBASrvT0ENJObL4R8SrXpkBlFwzQD2wTqo
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C449 		398 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxij8d7KATAB&v=APEucNW9XYr_Ubx8wh5oJbUB9JB3y2SdeNXQxJUhMG6FXIZTXtHuirmPV-cUNlEZtjHs-nvnM82vXaOKwcnTD7sKu4eAZvbX73E_Lwp4re-fMY1xPjm53jzUDNxCjnJm2srWL4rQ6n0cegYjMHzTyLrd-7GFhZGCJU8cue-DfZ5P9GDG2lZf3F8
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
258
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:20 GMT
expires
Thu, 03 Nov 2022 16:49:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2AA5 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5213f747687a346a4999a1f0a0004a30e7aa0317d3e3998e2b567ed1d905b044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30797
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AA5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxOwRAFpqcCbFwYd1HvQyBgNXxJIi_E5pddf9Z2ZKxvV7hZ7srGwFvt4tTedBk9YHFwzK-3miTX-btcFWrnEjzOnFIhtLbMJ4mLEvJDhgB6JPhceE
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2AA5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2AA5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2AA5 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:20 GMT
css2
fonts.googleapis.com/ Frame 7275 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:53:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 16:49:20 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7275 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:47:37 GMT
x-content-type-options
nosniff
age
3703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 03 Nov 2023 15:47:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7275 		604 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:38:25 GMT
x-content-type-options
nosniff
age
655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 03 Nov 2023 16:38:25 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 7275 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7963
x-xss-protection
0
server
cafe
etag
15183902602499586604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:48:10 GMT
6ab016790426e7d037bac2fbd741d34d.js
www.gstatic.com/mysidia/ Frame 73E7 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:51:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4168
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 22:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 08:51:22 GMT
40f44225e0a1c31e628c89e0882e5f2b.js
www.gstatic.com/mysidia/ Frame 73E7 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 19:20:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4273
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 19:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 19:20:33 GMT
css
fonts.googleapis.com/ Frame 73E7 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:50:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 16:49:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 73E7 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:50:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 73E7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 10:37:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 73E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 73E7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73E7 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:20 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame 73E7 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 19:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 20:18:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 2018
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNXs_P-l_Ne3WQ1eWyzF52-HA3-LS5nUTtlx99QhHzyhs7yEdNfQH_AzOHae5FOr2i5mWbLKFJCc03jljdx-X182YcSX8Q5Gp1OCq4RAPXRVzq6ocHD6WK_a_FI2JamTBKndpWe2SWwDL-gn--mA5eEm5ibJjdvYPK9xV2Eoel3dU0OErEY
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mr%2BkEe%2Foh5KIS%2FDPwoouWIiMKSvwXjC5DWSUizICwpfR6bVW1mYs%2Bd23RkJSjhGvzpW0LePx043Ctlzkk%2FUsCkL2qFQv818fhNLjMjxj3HSsh%2FMkP0sPO%2Bg7iwfVMluWyUYjjiLShu7rg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76469a488838d20d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2018
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2PxEPaFEwvTS1TvBjjL0gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNXs_P-l_Ne3WQ1eWyzF52-HA3-LS5nUTtlx99QhHzyhs7yEdNfQH_AzOHae5FOr2i5mWbLKFJCc03jljdx-X182YcSX8Q5Gp1OCq4RAPXRVzq6ocHD6WK_a_FI2JamTBKndpWe2SWwDL-gn--mA5eEm5ibJjdvYPK9xV2Eoel3dU0OErEY
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYcubSj42aCj%2BzCb8d49sKPH%2BpVbpQKJlq5aMvQNEx91%2BwKmyTjd6W0BX5xAc2A5r0ewoEHxh4rCiXXyomP9Q8qXaCDE38XpYR%2Bwb8irYNB9EWF49%2F2maaF5qCqOx3YaFw8QmnkcKFnJcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76469a4a8aecd20d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNiJ00tPt4Kx4aB4Nb1Nv0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2018
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEITokCFHYLMXyVvULIOvOHQ&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEITokCFHYLMXyVvULIOvOHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNXs_P-l_Ne3WQ1eWyzF52-HA3-LS5nUTtlx99QhHzyhs7yEdNfQH_AzOHae5FOr2i5mWbLKFJCc03jljdx-X182YcSX8Q5Gp1OCq4RAPXRVzq6ocHD6WK_a_FI2JamTBKndpWe2SWwDL-gn--mA5eEm5ibJjdvYPK9xV2Eoel3dU0OErEY
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 16:49:20 GMT
AN-X-Request-Uuid
033e8dc5-9e41-49d0-ae03-b7c6241bb192
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.59.164.98; 37.59.164.98; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEITokCFHYLMXyVvULIOvOHQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2018
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxMDM2NzMwOTk1MjEwNzg2
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxMDM2NzMwOTk1MjEwNzg2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNXs_P-l_Ne3WQ1eWyzF52-HA3-LS5nUTtlx99QhHzyhs7yEdNfQH_AzOHae5FOr2i5mWbLKFJCc03jljdx-X182YcSX8Q5Gp1OCq4RAPXRVzq6ocHD6WK_a_FI2JamTBKndpWe2SWwDL-gn--mA5eEm5ibJjdvYPK9xV2Eoel3dU0OErEY
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 16:49:20 GMT
AN-X-Request-Uuid
c81662e9-6dd0-45d2-ab86-80990e71f0a3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxMDM2NzMwOTk1MjEwNzg2
Connection
keep-alive
X-Proxy-Origin
37.59.164.98; 37.59.164.98; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F265
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA20IOEgW5fLu-beu0Q0a6o&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA20IOEgW5fLu-beu0Q0a6o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi99-HWATAB&v=APEucNXeSw2EXsi97dlFlKOL0SkjuVLoEbdm66E-53UnF745_uBApl4sq9SJTwtqpS7yT60bjv8iKNjU9__JrJSTVUxEQoKoIaMRMZ0zCmOLaqPTstLpZd4GXrxuwhM3Bh86_xomtgKM0R2UVVxtls9f4-KQs8Zgr5TeBh0djcXr7Bn1bjmSY8A
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA20IOEgW5fLu-beu0Q0a6o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F265 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi99-HWATAB&v=APEucNXeSw2EXsi97dlFlKOL0SkjuVLoEbdm66E-53UnF745_uBApl4sq9SJTwtqpS7yT60bjv8iKNjU9__JrJSTVUxEQoKoIaMRMZ0zCmOLaqPTstLpZd4GXrxuwhM3Bh86_xomtgKM0R2UVVxtls9f4-KQs8Zgr5TeBh0djcXr7Bn1bjmSY8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F265
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMFkUKt38Z-5BPcEsWeWxrA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMFkUKt38Z-5BPcEsWeWxrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi99-HWATAB&v=APEucNXeSw2EXsi97dlFlKOL0SkjuVLoEbdm66E-53UnF745_uBApl4sq9SJTwtqpS7yT60bjv8iKNjU9__JrJSTVUxEQoKoIaMRMZ0zCmOLaqPTstLpZd4GXrxuwhM3Bh86_xomtgKM0R2UVVxtls9f4-KQs8Zgr5TeBh0djcXr7Bn1bjmSY8A
Protocol
H2
Server
23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-11-239-181.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Thu, 03 Nov 2022 16:49:20 GMT
pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEMFkUKt38Z-5BPcEsWeWxrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F265 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi99-HWATAB&v=APEucNXeSw2EXsi97dlFlKOL0SkjuVLoEbdm66E-53UnF745_uBApl4sq9SJTwtqpS7yT60bjv8iKNjU9__JrJSTVUxEQoKoIaMRMZ0zCmOLaqPTstLpZd4GXrxuwhM3Bh86_xomtgKM0R2UVVxtls9f4-KQs8Zgr5TeBh0djcXr7Bn1bjmSY8A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-11-239-181.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Thu, 03 Nov 2022 16:49:20 GMT
pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 23E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFtGoesuQA9ipCOMQEVM6M&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFtGoesuQA9ipCOMQEVM6M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNUV764CP8rHPirHvnOuIPY4nzND2KVYmCcLuE0cRZCdPBwSnjYSpphcoHV9nzRLgFEaMhI3DEMkJDkj_9oRlXwdJB9K2pDOvxSsPTBP3iHyMvRBUnGEpaKxn-DKFR1ypF2z6R1v_Sap37Y3CCNgR6Yr-iqT532l5fZw-xudKymH3JHDELI
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 16:49:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
107
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFtGoesuQA9ipCOMQEVM6M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 23E9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzY5Yjc3ODMtNWI5Ny0xMWVkLTg3NDctMTdmM2Q3YTEwMTA2
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzY5Yjc3ODMtNWI5Ny0xMWVkLTg3NDctMTdmM2Q3YTEwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNUV764CP8rHPirHvnOuIPY4nzND2KVYmCcLuE0cRZCdPBwSnjYSpphcoHV9nzRLgFEaMhI3DEMkJDkj_9oRlXwdJB9K2pDOvxSsPTBP3iHyMvRBUnGEpaKxn-DKFR1ypF2z6R1v_Sap37Y3CCNgR6Yr-iqT532l5fZw-xudKymH3JHDELI
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 03 Nov 2022 16:49:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzY5Yjc3ODMtNWI5Ny0xMWVkLTg3NDctMTdmM2Q3YTEwMTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
55
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 23E9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TM1ZEeXd0RTJ1RzRvWC54QmFvVUJPR1N3RW1OZ0hHZH5B
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TM1ZEeXd0RTJ1RzRvWC54QmFvVUJPR1N3RW1OZ0hHZH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxi_7d7KATAB&v=APEucNUV764CP8rHPirHvnOuIPY4nzND2KVYmCcLuE0cRZCdPBwSnjYSpphcoHV9nzRLgFEaMhI3DEMkJDkj_9oRlXwdJB9K2pDOvxSsPTBP3iHyMvRBUnGEpaKxn-DKFR1ypF2z6R1v_Sap37Y3CCNgR6Yr-iqT532l5fZw-xudKymH3JHDELI
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TM1ZEeXd0RTJ1RzRvWC54QmFvVUJPR1N3RW1OZ0hHZH5B
date
Thu, 03 Nov 2022 16:49:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
rtb-csync.smartadserver.com/redir/ Frame C449
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELtBGSIh0tX8zEmQAvyzRiQ&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELtBGSIh0tX8zEmQAvyzRiQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxij8d7KATAB&v=APEucNW9XYr_Ubx8wh5oJbUB9JB3y2SdeNXQxJUhMG6FXIZTXtHuirmPV-cUNlEZtjHs-nvnM82vXaOKwcnTD7sKu4eAZvbX73E_Lwp4re-fMY1xPjm53jzUDNxCjnJm2srWL4rQ6n0cegYjMHzTyLrd-7GFhZGCJU8cue-DfZ5P9GDG2lZf3F8
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELtBGSIh0tX8zEmQAvyzRiQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C449 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy_CRCWv-qzAxij8d7KATAB&v=APEucNW9XYr_Ubx8wh5oJbUB9JB3y2SdeNXQxJUhMG6FXIZTXtHuirmPV-cUNlEZtjHs-nvnM82vXaOKwcnTD7sKu4eAZvbX73E_Lwp4re-fMY1xPjm53jzUDNxCjnJm2srWL4rQ6n0cegYjMHzTyLrd-7GFhZGCJU8cue-DfZ5P9GDG2lZf3F8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:19 GMT
transfer-encoding
chunked
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 276D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
8394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
server
cafe
etag
8974296396314687744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:26 GMT
14039544731581877115
s0.2mdn.net/simgad/ Frame 276D 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14039544731581877115
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2989c581cd38dc0ddaf63d7d3e391d43bc1df5d9f7122cde73597ef1f3b05f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 01:07:25 GMT
x-content-type-options
nosniff
age
142915
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59136
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 20:43:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Nov 2023 01:07:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 276D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
8395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 276D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR4VM2B6_nX6yyJ--thMrpP1Bv4lTmnz8h8CKGWfd51CA2I2Bcq2Em3Afa7v2iUvn3AwN5KtOUGXxFBFQymMRQw2lUUO6R1y0wDXPUeL7neKvHmBHUUVm68YxaGpx7e0IciIm9IJLJCtVucwA8wFNlOMzwZw-LNJwVh6JAaMe5ixNE88fgM1ImeZ25luWaTHQFzFWFa7P8WF8U7yjhswp51uyJQjDcMxzGwGj_NhtFnwg0-OWSSsrUKNAUw5Dxu-bkmvDo0U6LQbSXEIEwxZBEB9kDHEDX0_qoo5-R-dEFgkTSoL2JpGdQ8h5s1rcKolEZcLrUlATB2KHai1bbs6SoW2hzYRqavhdI7nEMjxJ_obPr-PnfSwAE5VXa_B-ZgaPT49sdBW7lZOGuAsRL-Dk4jIoUjNrYs4FL0as0gPOr6fXHPRF0_DfxBW-pjVdaAo9IpMlI1lklquzThVEoa8Npt8HPJ1DA2VPpBHME5R3uueUZjSnxUzhE-YUMWt-YStP_cJkpIlJEU3LjuihP0ZkwvtxeUy7HmDI7Uzr87mKHaoTYlHbazmEyaDBKFQoCwWTII9KQ2cdxI0-d3dbXk8zZcv4N-cFZsf8NIvCj1SPzYcosCbtxoyZjUSoytPtmcAmWxStO1hNmhkVxjoasI8PT9dHusdiRcZmHHrl1n3_kGMiztzM6SghYm8BPxXXBszfQeksxZbFqgyCdjE2qKQeBaDRzQX3Av8cYRTftDJagp7T5espdVX14gZz5OnR8FMRlo-7SyZxyNOKpBfjZVoOKn8fHwIJ6g-Oc39rOkeegnIVgUY-U5tPGeZMiOji0m4Kbdtt7koCnVVzvTs-12a0lxfxldeEsaTztakvcV5ZXgCNQmUY_DGmV9igCa9zA8kcEP5SOJZOwVF4mD8DSZMKM0mrHhTPRFOqOa_pMnlsSBAwkDuJJDZxH2iRqUSfTv4wX0lwTEVoxwQX1UM0Ivijuuo0DxvwvKdwBZAuhNV9xULzqZv0NP3xEU1sBAaoQKlSh04Ntf05bkbFkrVaRlDWpLojILRk_NVOLSgE3ScS4HozbVeWJ8kD8COgV044CATBdcaQO9vqhct50Pbug1CofEFTEmgZhzZZADPQIkUW425zvbLgfllp5bhJgDlYwaY2QfNA32x9HIE9ZXNacTb1xN0em1bCZy84H2jFFQqjOgMwFSaL9qFpnaeJg2obMlsMHtZDt_HRFHNHQI9zHbxndXlXLmQvN5hAtDGm4R1cRztMHE8i6rhf10lKzQJqR5czvy4GBn2V4kDeQvoKzXe7i_fZjb79MrojvRITIMsvMfGYydmmbPoX0TLUFVBrSuWbEAoG3jmuazBo&sai=AMfl-YSBO73IIaIP7iUcekQFrrcVRLzRXII0tpHS-EwKrY06ccMdTbe4CXEpIGvtsfq1_xsCRTA8DxwAZdoRZbYI5e69asiB93Tdp8A71cdAwPxVZnAkadcdURBowtDVxXuqzHK-6Sl5NESCPg-8Xxoyigv-vqRaEM2HjgbI02hRRRDRoueWAiGPMlMDrNRTlHtZH1ucw-H5nV45Zkd05JB3SqbZb-gmNDhEcTcyGu7ZZrph7EfE5ReyTJUPYtAy3nhG79ICWYDe6sZ1hr935dlXsCh3sRFrdkgMISH4J_s&sig=Cg0ArKJSzJCooyTrbjN7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20221101.45445&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 276D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 17:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 17:27:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame F026 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
8394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
server
cafe
etag
8974296396314687744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:26 GMT
18044473232813343962
s0.2mdn.net/simgad/ Frame F026 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18044473232813343962
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e41462054c1be060e84993528dcd439b424dfd0b3ab6663f37f680cff898e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 05:45:22 GMT
x-content-type-options
nosniff
age
126238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48363
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 20:42:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Nov 2023 05:45:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame F026 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
8395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F026 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstdkT7nFcaAUj-4QpYRrR3gypA32tf72wNLKTVoFpwcVBXrC_YzrB1ho-P4IWjrliU5gygU0TvoVeqPaE8VRdj13hq4xBL39_h5YEwcuc2CK0PdVInv7a5KWQfdM-ndmjr2vWZ4yUPn3qI3O5GOChRUxA3KWnEQEQp9dlylphmhl5CC0fcynWzXfUs40IDgVHvCvL3o7yIenKRIPGnBp6X5EaalHPVEXg03QhdDjjzpz8Okq4kuL5Zx8BUHCpa5sRnMguL5OKipeky-fawJVSitsWKcombIijj643IMhviknRtWIigV5kjzAXAgceZ19av-dClHcmnjDaJ32wDmtPahKlVR_Xb5J9Ay9Qw6wAnRL06h_yThAYswVhliI8EKa9j7ZTIX4J8BP58C2SS-MNdY7fEBOILUvYCJSOFMPk0HECZJcNZb39ymoK8JxtUrSMhWKfC2sF2jEEkszTI7e4VrgvfMpwldG-hRQXy2hmG-GyoJUPKRpQpTVyxYs6JpQfYyv2mnlQV3dVfg8Qu8m8ZrYTpwkPChDbsnuSIEmHFTiN3FCQEUmcwXqkvmJ1kYiH0tK3hbNf_xaghHAyHgzjIMSQoht8R5I2teCnZcntXYBvnYxlOkY66i57yj-fhNyTquqKK3ouUESq6oAQKdu5q8pc5_dbLDhCPkX5xgqd_YmJzFMaWYziOwpO0gJJGeCS6DOXqLJVuvQx-BlA83TRJHPz9gIgsDDUw01xfThdyRZ-cq3mLlpNNlB1ajhIGhVpwpC_OoqstJyf7PCEGpAziaqCog52b0JYNF8Vhyp6-JOsV1yLsIE3UoZVntDelpE3Uf_AVCfOEbfj_I4aaaoP37Nj3lLCMgp9owzj_Mr3xvG8oKS9j0vyAZRXwb-uxua1YKAwOEV10nHpq_rwR92idpDXXsappwHFfd7HdQxIx0H0nOyyV9pl5lzdsR_1xIycBe-B_KSoGDAjp-k3E7BJHfRO847us1TCo59xp7kzFySLgZOOP8RFhAVe3HTJMna3RaJB0ekG6tNVZvg0g7ah29KkQMbMjHFiNK-a5X-d75Az1j7DccJwzBAxF6rsfH0h0sD2fUHtxH7s_v-tGGJYDMS3phlcNumvRDlkscuLeZdLVdfqgVB8Cdvs_OUgxVBEPqnucb_Hdse2l5pMMJMjw_iIyxJSWukcmD0q-RFIXzt_5v98rp6tHf0puLDnvOcj7b-XxQniiZ4oLEu3iCIU1RApeeo6Wjzwduyj4zid7E-IvzigZqhN9rlaunOuwQNH3vKu3RU0GSTcoC3iaDNvAOlmskr-GhHaGL-qotgAhaEOnkwYeR5dzOqGRHdRXWkTe0FA&sai=AMfl-YThifC9Sa3Wib2-44sfFXCKtmGDUlpZ98VADccqU3jQLSBlsgb04UcAUSx893NxqvkZBVRyexhAmQiSx-hMCchkIYMIiflvs0daAz8XJzEVWLh0YmQRAcFlVqFHx9zBo7wBmwbwFFQcIKkJuyv5hm9KTKal6NfdR58y-LhMgh1EpGMSaPKwdlesd_RRNLKvRcgmByqDCVZSAmErRZ1Uw4D0w3mZI1PjJ5Yu3pj-8emXjWtw3XHtr8qV8FxbqZKVXnyv5Jqs3_1uhEvWyQoyQNWnFCp7f4miORklygw&sig=Cg0ArKJSzEbex6QSVrncEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221101.56427&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F026 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 17:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 17:27:26 GMT
css
fonts.googleapis.com/ Frame 03BA 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:50:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 16:49:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 03BA 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:50:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 03BA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 10:37:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 03BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 15:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 03BA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03BA 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:20 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame 03BA 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 19:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 20:18:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 2AA5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
8394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
server
cafe
etag
8974296396314687744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:26 GMT
13591957302272520568
s0.2mdn.net/simgad/ Frame 2AA5 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13591957302272520568
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d55e960f5223ead7f384cf48f0593e2ce995e619fda80fb2e2e87a88f74d16fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 19:32:10 GMT
x-content-type-options
nosniff
age
163030
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37637
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 20:43:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Nov 2023 19:32:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 2AA5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
8395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2AA5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQVvaL4a5UHp0mhhfkK1OXqZVIW1FHVo5UWGU9pz2-6pDmU5W69m_e0PCSxI9j19nzsG-3L_t74S7WwoH4Vu0hhqzUwQLo3FB7UUC0drG6hq6RHhTwzaA8gTWaZpHM4VKwCAeZ_fQ79jwsBynvPoGe9t1au79TBPu33MHjQJ8srQEtz_jHBwkfLTJI3Rm9WHKAfT267mUho3XZj47veeVoVfDuRMi8mnBmikLLo4kZqgFkMDcX1KqWkS6Ffimsa3WcujEYC0smOs8RRZGhVquBLK9jX6Dv9jPfD1QxRi899axBugv6zbU13PO7plL8q8QOcsY7RV7Xv3Lpga4N78ZDFZAv33u5wwt4hZRPILq_KndUzP8nsToCM1A9nyyYU_UYqC9QyJadvHtCTURmDXJXJAEsfzVN7jDQ7gcqmBEhtFHpOJhFduFn6V1QQkETfOl1KwwpJ-bkZBTZU9R82-_p9engMdqjbF0N5maeAyWL2vacCHjrVc3gj6EPgFQxjQTMOJwb203vHPSdnERnZFBY1jMnYTIeYp0Ru8al_3YGuQOfL1VXV3ygtqMCPsjB27-VYmiBcAlwb-MDnxk-SE3fszUH-B-c9w6fqbjJwGmIQT0nH_R7LSGHX6HcW-9K86M-eaOgI5RPFqnLu61SNkLCFYNf3pbW6Cu4CIYsVsJ2eFxfJjn5hyNjCdHwkuseHsT63eSBOVt2YsezVAGcfRpH-4t0HTE0OYYno2Nqwd7XWmbJseQtd1Eg-Va667t5yHL0C1alt3vG3JuSDqdZq_K43Y1oYpGODMQphMIbBYVkkdIsqYIkyMyZX8WN6l5N4p--wsfXx9QRSdh7EabnI4p9RCPh62GTTaS5Rg1JHnqqya7UfxWTyBPs6ZI3j9YALJUxw3JBswnT9Kg9iPdcxHzRtom8hbrLbo0sf-liV80c9ozbcc5nX0X8_BqR3IIl4BKzVyJZDIQBkz5YD5fz7F-7UCvKU_vmLhmsghZ4_XMSQ4JxKc3v5Ti9_Geb0lCIapQX5zidzoiV9TO_M1noLbIt3GoXpDf50H5RczYTVzmNPucxl18ZOzVr_ln7tKZtcteHdIR-NvHQ_dNmY2r_z2Obc0JH9pO52HeEal2E_63iEfF0HQf5FRy2po1A_Ma-o0nVWKtGt1R7Kj6jV9sqlAclAKgGUMTrTFtc9biboAsdz_woHsJa2zobGMUUnHh58mP3FHEagBFhtaX5EHVmQVnH1JotGsThDrflUkzSaEjE5XiEKK_zO242KsGVw3_2S_NBDrGaghj1rXoA5VJRQOCSLG96h38crG0LJjFjwMCcrn7kHhUYWdKdhY5f8uNvNcaGTSOLbtoJ&sai=AMfl-YQ6DYFOj419j4HC1iCx8KEKdHJPvh_Ke1ot7H7tVFwT_zkJlBOj-_3BRrFjP9wYE7ssMeQeZtPkhQTXrUHsbrJt-9yXMvXMdZYDToot-LLUsOs5e45ClHqSc3UXxTaXwFCVY0izXHQ5uFLglWioAmULZZTE-QKJVRqYg9I3q9XAz7OHGWngJ4XDZAxhpeniNcFtfYD-RvaV5Cp6hTvbwlkRIv0zwbZtvmtKlThfctZjcg57G7qL3c-D8uXuh0eE7be2A9YPOxdvAXJEy7xCZnSt0_PakyOsFiRQ660&sig=Cg0ArKJSzCwsKvWodwe-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20221101.54311&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2AA5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 17:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 17:27:26 GMT
14039544731581877115
s0.2mdn.net/simgad/ Frame 3958 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14039544731581877115
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2989c581cd38dc0ddaf63d7d3e391d43bc1df5d9f7122cde73597ef1f3b05f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 01:07:25 GMT
x-content-type-options
nosniff
age
142915
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59136
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 20:43:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Nov 2023 01:07:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 3958 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
8394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11393
x-xss-protection
0
server
cafe
etag
8974296396314687744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 3958 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
8395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:29:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3958 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVETyJdvJBrjEpA3BI1pIL5U_NxdsIcEQXy7fsB-3pv3jOogrM4yp7A8TDuL-1UBONnA6Bq_fZsNCE15psGWwvnIQ6GIusJJ9oSp8QzBvQB-aG9WLcuEP17qcJXXG-kA4BDK1K0emCq9Ii9NMTXwUzPDY378jvCEw6WggJXGJItv-ozkF1g0QQZAR2OVcuMBmyY40pyJMzevW1aJxe8wOUR0lXU6Bz4CMfbPflzUTVyoOZ33q1lM6ETPEqXj-w_sZgQ6FIsdMrq2calNdySKtlGb_BwEG8UZtcKdY_R41dm3pIzjGlWTHu0GRgIUROkQTdZdT7ijuG8dsHXOoqk6RAgLb4uOLoVmnxo7Pj_1Xwb0nJ-V2HjC9tHohL4PgXyHPSYiIbcwwlorpC4rFV-daKk8ZW22JuPDU1TrLn5jUPO4wE7IoPgX5N-weaCSfG2D-wOrTI4eNoNeoljPD6bei223ai8qquMBeIRDR9KFqHXpQ0lfK9fsWNvLy1W8R-rdgc0wuQS3RLapYSlxpUL7TZdEFL1NL_vXoFeOe6bzD4k366usGIaD5PTwofvmAoS3BID9NY_hODcSqXPH5DuEbHmsU4aOIWrTYl5t-Y_OehFNL11QOx221O3b1JBCQjVbMp1lgJWCfAJd940OKfQJGdU3YHSJ-d1l6eqabJAPI7PItxoh3Ih6jQqRvUW3SnWmZau4x01KwYUfr-zgpCXuS30rAdTAc--8iiXYENIG1UkLcaLpHmj79L6A0LyxGNVD0FhYwv7rpxEJMKb-xlXSCaGXTe4G3VkRewEjkJyrL2fAVLywezSLTsqCVtAqrW9_BePOEIEpTrVHOG2DafNZkfAvk-z76An6aRl-osPdRybQXRPYAyTsyFtf2rz-FutO-ejdseax1hcSRHG92bLo-rfUdfuShf8OdGU_P2Z6BX-8NJT1V-l6UclSyLYP2Oes_qoG-j-jXKu-tZcAB3AaEaaYaeA_Jgw1m8oB6Ig2Pff4LOfw5G6Ztq5jojzcLA01cb7kvh1jMTMZ4xHAcX5veYXZRQJMv4VISsQNnYewnGL5qCmrxrYawNwY8AsearEAcnkBHWvJBvU9FgI6mLZ-gPK2LCv1I66YdSNOv92no_pedVoZ5pi7qD4L8UuRb6eJRnyQSLl4CO8J45QA-MjIkMGNjVlyiaEv5XTOkjVXpORCMf6ntErPE8r76OBnikE-WZ7aR4QSDsObg-Pv4E1ec7bldGfSJoJneX1ANGFkafGs8NCYzulAbZRTzklXz38aP-NkdMtFnhuYlSUcZdStdLlSyfTSOc0whzw9XjT3b0cfY1NwDtF0fKqtr13lG5ebuMLd9jVPxo04A&sai=AMfl-YTUvoelJ5VfiQe-RcqFIW_MmgSJm-WRIo31GjzXT3Y3GhT_2OgO-e0CqaW75Es0BtPvVzrtoo3RaWpOcfl2Wua0GDH1u8-AEP6UbwoWSNn5msTcAwdw3JHmn4HSOzwxiXJVnSUFTxBWZjJs2I0EUuwJoLx85oMf45U6j-S4DThqqWrbZ93Me3BKRnaWhG8N7fcLnl7Zj-_ZA4ROF8iNKqNi6C4NNf9QX6s50XEgFlHwmgsL-iOrZBBULeHKoq7x0OWfOoHWjMoC6xH6JWOKjZpFK-yIP-d5KNwfa2E&sig=Cg0ArKJSzGtTtOAeqHtbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221101.50388&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3958 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 17:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 17:27:26 GMT
truncated
/ Frame 276D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e432012326bc493c021e47a0e9eed90eea49b1b935190effe5c8b82b3934717

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame F026 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstdkT7nFcaAUj-4QpYRrR3gypA32tf72wNLKTVoFpwcVBXrC_YzrB1ho-P4IWjrliU5gygU0TvoVeqPaE8VRdj13hq4xBL39_h5YEwcuc2CK0PdVInv7a5KWQfdM-ndmjr2vWZ4yUPn3qI3O5GOChRUxA3KWnEQEQp9dlylphmhl5CC0fcynWzXfUs40IDgVHvCvL3o7yIenKRIPGnBp6X5EaalHPVEXg03QhdDjjzpz8Okq4kuL5Zx8BUHCpa5sRnMguL5OKipeky-fawJVSitsWKcombIijj643IMhviknRtWIigV5kjzAXAgceZ19av-dClHcmnjDaJ32wDmtPahKlVR_Xb5J9Ay9Qw6wAnRL06h_yThAYswVhliI8EKa9j7ZTIX4J8BP58C2SS-MNdY7fEBOILUvYCJSOFMPk0HECZJcNZb39ymoK8JxtUrSMhWKfC2sF2jEEkszTI7e4VrgvfMpwldG-hRQXy2hmG-GyoJUPKRpQpTVyxYs6JpQfYyv2mnlQV3dVfg8Qu8m8ZrYTpwkPChDbsnuSIEmHFTiN3FCQEUmcwXqkvmJ1kYiH0tK3hbNf_xaghHAyHgzjIMSQoht8R5I2teCnZcntXYBvnYxlOkY66i57yj-fhNyTquqKK3ouUESq6oAQKdu5q8pc5_dbLDhCPkX5xgqd_YmJzFMaWYziOwpO0gJJGeCS6DOXqLJVuvQx-BlA83TRJHPz9gIgsDDUw01xfThdyRZ-cq3mLlpNNlB1ajhIGhVpwpC_OoqstJyf7PCEGpAziaqCog52b0JYNF8Vhyp6-JOsV1yLsIE3UoZVntDelpE3Uf_AVCfOEbfj_I4aaaoP37Nj3lLCMgp9owzj_Mr3xvG8oKS9j0vyAZRXwb-uxua1YKAwOEV10nHpq_rwR92idpDXXsappwHFfd7HdQxIx0H0nOyyV9pl5lzdsR_1xIycBe-B_KSoGDAjp-k3E7BJHfRO847us1TCo59xp7kzFySLgZOOP8RFhAVe3HTJMna3RaJB0ekG6tNVZvg0g7ah29KkQMbMjHFiNK-a5X-d75Az1j7DccJwzBAxF6rsfH0h0sD2fUHtxH7s_v-tGGJYDMS3phlcNumvRDlkscuLeZdLVdfqgVB8Cdvs_OUgxVBEPqnucb_Hdse2l5pMMJMjw_iIyxJSWukcmD0q-RFIXzt_5v98rp6tHf0puLDnvOcj7b-XxQniiZ4oLEu3iCIU1RApeeo6Wjzwduyj4zid7E-IvzigZqhN9rlaunOuwQNH3vKu3RU0GSTcoC3iaDNvAOlmskr-GhHaGL-qotgAhaEOnkwYeR5dzOqGRHdRXWkTe0FA&sai=AMfl-YThifC9Sa3Wib2-44sfFXCKtmGDUlpZ98VADccqU3jQLSBlsgb04UcAUSx893NxqvkZBVRyexhAmQiSx-hMCchkIYMIiflvs0daAz8XJzEVWLh0YmQRAcFlVqFHx9zBo7wBmwbwFFQcIKkJuyv5hm9KTKal6NfdR58y-LhMgh1EpGMSaPKwdlesd_RRNLKvRcgmByqDCVZSAmErRZ1Uw4D0w3mZI1PjJ5Yu3pj-8emXjWtw3XHtr8qV8FxbqZKVXnyv5Jqs3_1uhEvWyQoyQNWnFCp7f4miORklygw&sig=Cg0ArKJSzEbex6QSVrncEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=162&dett=2&cstd=0&cisv=r20221101.56427&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bam9JdBvrklsk1IfNWb9j_TImEbyJxc1ek69fbhhpxJHLHu88iNNR8G5OFKYiltuaDN3ojRqLtqpPMbUPkMGLuWMRhPg&cry=1&dbm_d=AKAmf-A9_F6ULO6oljM9UbBu21NEZqe37xyGAwKKvoW7bxTUoVYh6nvz4qu_mhd2cWxZUCXRePxbfdiGCvzHGz1TECW3zg4zDf_UKb0gygxhuFB4-ztAwcT1hYfCVHW-RsxVTCdRRw27qVBp-y9eM9kpA8YxDN_SVCmngqskAXfeg3ZqftHAlbCs0MZI-6wUbD0bGjFcUNZrfGgI9J3Cuhvpl8yz0kKWr-16QYi41BYx8R07jkD7ybHy8XBOKDc4mbaOdDOmd1bA6uCMo2NhqH6SnXvS7UYG9SnfBe0w0OG-NWQUQHzkvgoe4vdZXJg1oWMHb_29fe07o8DiBBJg5QLWqjyRQQjidUWHcDTqLGxvUZK-cVX80_APTP97A8t5S7uYZzgpnwUe8T8Z9tY7mThIRr00y4wjb_YkK_A2sbMBM1H6iw55cIEAClN1JBk6lhm7tFlt5GugGBj3kuu8LKfGQodAG1OjSAmY_KSBJ_-grxMMdvvzUExgwbCEJSoszMhjYhkg_9E4d-dCDB30zjbDGiXEfcepjqKokhWfUnAiWzcN46smnzH3O96gLDD1wCcMsyVeHVuJ4_I9tYDNxvm8xigfx8DFhD361SgQc-bzIlyZ1TTA3rV77KWnEAhvrm2eSpYNJkZd8DnL4ZoYXLoZOHf9iA-q01rBQ_P8S3rOQ8dSK4Vq3whdcX8T-whS0Xq33OJ9SWqZW_jps3uIf4N_cXIi59GcQfwmjyGfFm3AsWyZ4v2llnvL8I9kG4g4EwRf1w3pQizrXu-A3VJnm53w-JwUP1qXYwdLN419p-DLiBM7Sknj5fXLmp_pIw290iC26g3AWO_ioUt8oaRVhiIG1jTq8fGChJhiElebpiW34Vk4liQLn0661rwmsQB9wydQbIOAyZiGrqnKoFOze6Z0EVx6bU6IA-OJSWJ9WQnPIF_LZqoWfWafcRriPCcDP2JLMpDUuw94_kPPdK_ie9fZE_GLAm3J0Wc6PGsHOpJTewn6vz-GrLX01SMiYDfpHvE7HSlN4Z_b4BwOO8SO5zM9ato9blPGPzQre3SRVBmomzCY4ANos5WtPK3Zyd_w9Wl0xlLD4eiT2rkzCQ8mMI07oi-e7D2PzUqdY3-Bz99ag2uOCkyHnBe_TZ7q4DBC37eehp6ZA5XsPRTDBxp3unUn6DaTvViRrWCP-WN0YNGnJhT5CS_0SI0PRduWi3QuQDqvru54B_wOHVB3f49iMN8Z-s0VmqaB5HqReEgWwvcPVCq2s4mK0qaeLyOdUhpVvgHuDXZUlFCAxbhUCkNvmSqk4obsnVwdXlewUoJV2lRsrtgpll5LAFZoCpsEwjxgDbqpWecws_t0qH2DkqRf30zn3WWsYOLz9DnL47LoPuUgJbpPb2UzPAoJbHNdgVrz1c0Xi_zjxIL9e6NCevgAoXtyV41_BI5wtj8YQbXWiVVbiiV6YnXPoSBxR92-yFGgIA6TWUUjrN2qRrKi571JfpvmPx3I75zO4XQ-Mtu9__2l-fHmTF4JVjLheKilCJBnkiFfSe8zQFxgpK6zjF1kEK9qgUd0CctVk2zEpcyiElJ-_uOjOTj1XEdjn9k9A5Lupi1kNMyJ491iWYRVibp9xz8lQgbYSyc1YTvMCmInfNx1xgtHDBLVWIUJHKak0cc8aAYb_wG1F2HWXtC4vOG52Ob650xHkmSeTrZrN5CXbpl49yqOuOqBFXtkcgM9uSNZG_9LXXSq5SsDYpx2uh9J7_805lpu1C7iWebQpH-ukG41o0IfSe80TlLU1a45JceOybapUCHK39yw1Jfkw79n2g4Je-Jb4AazuULV-GmOlxEhSNKMVf293nbFfI6Xx5H1xFe2yc5hpD6ChjVvrYW5C0JtgdpUfb_aZRI7TWw_tpYAaMkf5tpJo6vrTgWFJTO8zMuHhO5h1rOUiNa2zJivqJLT2IIb4Hl9K43mVY4I48wbs-YvSR7XG9d_uXy5A_dIP4yYCPdnmdop1nBkjjZpwe3InRgJU_nEh3TD_91KOnpRS_vFawnts0ax82lxBHq6zbr64EOgQnZDGUtaSKRZQxomf9tmuDzx7B4ZXI71akF_PmNGLaO0efDNHByUoz71pIddVM3k-bdm9hthzyv9VJEHExvH9qgYeiN_TnHs2nqKmnLvWSZV6Q8Zw488do-WtfuT801dHc9pxbwWdtZJXIbfOZN0_FrjWaTAP41cK0Vj7mS7ggJr-c5em0dH200CpDwm9BIM2BfMCyH-TULRhmK3mzvzLHRT9BzRvyiFRG_mWQENDvdEqLFNYmjWYtTWOCy2V0YqTmYH1gYqr5tmNcaEWHy3H0KNRPtJEiigEmm-nCCl-Tdxjt_-sb03NdfU-nGLJnBGyarus-A0xZEf9ulqkiLHTol1G0IOTyY1VyT18ua4IEZyth4y_Gln7YjwmdpYPjn9uQ4f50uCRZEQ8SnMo-DJ33BRSV_4FggtYaOqk8eOtQseaLNT4jztDz3jk6oHBNqYHO8jgbXe3ucAR2TBd3iiBGC3bPj0ZUBpVMRWxwz9qak3AcU0q7NMF6USv9UkCUkBmTsXTPyyTPFxe32BLALorirUzLylwfqDL9QH_Y4WQX0v5v2A5vRxQlGm5GZ_YPkly5S26Tk_Aika-KYFNmN-WSxqzqv9Fxp0q8Q-1MLDL_x3i50_pDJWTQ-jbpfbX-1iYjnlPMbkOrbgPqe_kRMfP0TYJrfLpkcl3iQel3uvSG5dTVqAIIOTBF5IdIwNdq--cfFqZ0fVWveRMKdZEqv3yx9X7IWVpf6r6TAMQGcixfFMv9e5_6hcWVG8VT68oPI3dcPpRiBBSzi4PbIBqruU6UEvyFf1P5lg-aLPz6c4PSFvEAl8GQPtskLtTJYGToTc_JqENvCTVuNL6Bb1OoMioYdk68a9bDKaWNAQFCSMYiYSO4tGwbiTVKlV3wbqet-ELKEujOCvHO-8P6Vt6XNINevNhRz_hLAZ1XCKe46MEW64cyN0YXyagm-7xVyA-zo6ezSfl_FhMaEJ48472N6E0BM0vrgO_TZStmx-5CencAUDUOMUbQflRT5-ja2nJXC0shJwzIuercf3SKJucBEkWrYkuOmNGp1BO8hOat7uHgnWEYW0RVWOvKeqDizRNgbqDMiB_k80BEJfP1siiCVsDQyBSYzghFd2i1RoPefz08yMUVblteoWN06Lew0n0VZcNFo-Sn6oF9EGBlxuxjS3pvqk94n-_E5bc2AQFwhskryqvYu0ybynlMq63nXiRSdODflQ6c7tBLgsnhLvEmTozdTQK5JZ6c_DUu15SYua-tqbGksRXWkZRiVLwjh3TYMOXx8hRRDiWp__fAG9BBBmxxHalFI09yuy5JgCecKh5H7kkI6WRdjhbXBFTNjA8T0ZOLVhCQo70pdKiwTTX0cOqHpFBEW3F9qTHamK29Y57jYiy7Tq1P-qujAy8X_lWyEz9fq65tPjKAtzVhFHTCqwxciKdPqip_vbKDN_KdXrcEtFZgo&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
csi
csi.gstatic.com/ Frame 3CEB 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~la1aywxv&c=6320438675451&slotId=3160219337725.5&qqid=CMLd5ee7kvsCFYGddwodC4EO1A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400b:80c::2003 Naperville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CEB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options
nosniff
age
560391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 05:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CEB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
531267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 13:14:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CEB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CoDxbDvFjY8KeFoG73gOLgrqgDYSFjNdsj8y5-OQQzvjevuI0EAEg1rWlBmD7AaAB-ZzW3ijIAQWpAsXQbvIBXrA-qAMByAObBKoEpwJP0KBZ2bonp9xtKXnhBS1XLcRE-HC7FHcld3uHdWqPz6jWfV3ABlclpxT4sJSJNfd5g-h6ohzlKhEe9P548yVA13zYO4vvtrIAH_pUynJfGg5SAAPgv9J1zfdClw2B2V9uNDya_qYASc8yuSKYeFcuIvOPJEOTBUbsZqR_76da7en-T7u4LOmMoLdhLUelMCjTPDMyRD5ApRnEqIYVquqrzFK2uGKxkO5GZEHOK8efdFaOyrlphF33W6Vh6H5fpilQ5rHsVdmOzuPUlCpb9TSqWd1-lOn6R4z7kazK-5XLjfeeCahI5gzCfLNFSq7zIF13TCkdwY1YaKSGqNgXeoEjDupJKaGV_6Q_qnox5xwkxcfs-uDTxV3i9FV4rO2gzp8hxWaVqKTGwAT137fijgTgBAOQBgGgBnaAB_nUpr4DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB4AsBgAwBsBO71PsQyBPqqKPhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1667494160746&ai=CoDxbDvFjY8KeFoG73gOLgrqgDYSFjNdsj8y5-OQQzvjevuI0EAEg1rWlBmD7AaAB-ZzW3ijIAQWpAsXQbvIBXrA-qAMByAObBKoEpwJP0KBZ2bonp9xtKXnhBS1XLcRE-HC7FHcld3uHdWqPz6jWfV3ABlclpxT4sJSJNfd5g-h6ohzlKhEe9P548yVA13zYO4vvtrIAH_pUynJfGg5SAAPgv9J1zfdClw2B2V9uNDya_qYASc8yuSKYeFcuIvOPJEOTBUbsZqR_76da7en-T7u4LOmMoLdhLUelMCjTPDMyRD5ApRnEqIYVquqrzFK2uGKxkO5GZEHOK8efdFaOyrlphF33W6Vh6H5fpilQ5rHsVdmOzuPUlCpb9TSqWd1-lOn6R4z7kazK-5XLjfeeCahI5gzCfLNFSq7zIF13TCkdwY1YaKSGqNgXeoEjDupJKaGV_6Q_qnox5xwkxcfs-uDTxV3i9FV4rO2gzp8hxWaVqKTGwAT137fijgTgBAOQBgGgBnaAB_nUpr4DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB4AsBgAwBsBO71PsQyBPqqKPhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 3CEB 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DtRB9x8jyqiq7P_Cgbh66aZZxyXMxQTnmqhhxPJ1GmSvWg7K70FzMuDh5JL85RfPl9zXvaWHv993Wwh-cxQ6lhxUK2bw&cry=1&dbm_d=AKAmf-ASbpDOOncWRuq1yvN_UsMz4ym27RMPwB99yN112_z7kM_aRxArVSmgjtMIeBQiTTapbL1UFl1VsjstDSPNIBQE1PKWq4nJzkKfyFEBQizqyNwh3H-7B1WA7JZDHyOwkVpkibufScETT_r7TdlhdVFO7BL-qoiCtQT8VCxeZY_TRv8zqqjahYbZJuJk3uCLlvHJCwE9gNeulMFnzJ5_Wcth4CzfaED-Bd-IBMk3jJzVGclXyO39FTy4A0JyI6Ikbsg5MsQKrGgHLOUDEEbhAyAW6WfONhGTvzYw7MEL1sNY9PBOrA74Z1Vpqc7QYs7WBBIO17DLPgtqYRQQ9t0Fw7MggaVGB3Za0CNjp2JPBnGZjrNdkfPJB0t9RuZb0PW_WsoBzKLixxTL4MGUKskI2LTy4kLlbaGZ62q-94iCilWuwt1aOdivpWsjQO6ybcb7gabimpb4txLvN1X-luGo5svL1pMSt6tjogfeNBvCEOG_G15fVZRdk0afEp-Qez6zubhLbSQ1cLAHJV7TCY_XbLhdmXSKf36Es_ypx5ANhaDud0P6g6xM7N1NLXcai4lSV_7_FIPGBboTJEYRn53w0U3u2JuYDhrp3P8TzrmLPOI7nGWA7H1I3_4cjcJt4C0uGIJM18pfVARO6jrIeoBHM9nQgQ9eZ7KDQrVUfPnHG4_gnPquvvIP2TNaT2vrEV4q12oZxBKkz8BjNfWOQa7HW8PzYWm-rDoZgwT9KfZJ6iyLwtaRV514T45CXdtg4P5t14cek9cj94yBS0NiIZn64dFYwMofrin9iNQCQRQJq7csaSaKt_WNMZC800ne07Xkl_-ukzoghKI1skSCasT9CP1wvfS5XKsHhst62f7E6L-DOjm8frAmhM0Q8EnVPrTkYOoH7mg1v3PHX7WVFXX_KLiyickZvPFL65hkBEWbh7cEx0YsAVSrmzsUH0BVGkX1KfbIm6jUSiV2N-1HiCs8kVKyFRSzIb2YqVpVqp2AEVceeGVZfUCWDXtZwPft7vERYeRUfmDLmI4Dsy66PDT4oB1WqOZelQkh6h2E3hcobjvuLuvhQBrmLzPsJQ6pnKs6Qi4Fzw2X5HcFyuCYPAAEdhAAHzr2tDZcuVQ9zlmJ6aQkLuzqS8yM95FfuIC9DefBg-FlTwkGxivWIe3uFsgEjye8mS5PHeCbQiZleXObZUC8UFufVJUjXKMVhIzbpiZucv9zX_OClQs2WcRyTgzJUGQyzZNYeMT3jD7WHALEnbUItHUK9_1OKrUVgiZJtE7_mwijL3GNCG3Sne9O7gofNXABJQrGGvkSiylu47Vx_1so89wscAPxwzQ7jrr7sPpKm9MNWVSYeigN_-I-oaAgkt6UFxOU08WgXumKgwbN0tn2yRPWAO2uADJq-pvQXdVwYnPM32-YsVWMmGvuSul3s1YsH692aCLh9J9jTtvuuxPN_SCeMwfYNUqJWvXFqegNlFnWVFimIpKEvOSmp9koC1aiM9cW_uIjDdxEYw_GxmndM8SiHKbVc_SmvayOcizSz5XZR3lR--X8tieCOz_E5xjAzCbwvcPmVtihohix6CxXLZkFJRCsu4ynYMl-ovPhZC_WF99E3AOPySRU8w4oV6dzejooBNJeaSDAgZ2D1ZTbBDM3u6e90azONVzogjXj_JCenr3fbP_G62hXbsGG5NwtGirw--QDuOLrZKevOJZuWqXiJ3eE0dL4VqhX3J5d9wcBjFykmuU3O_lETqBrE-31P0O1BA50wM0MxKc1AMn62NQqZWR8XYW9Z2zyGCBosOw1eoyovgzpn9E_iSZ8c5dbB9LOzMUwdKSSIXhCMOEFXDAbKyIy8F8jzSKoBxBBh9QTkweNXSj_XmHDbNj8046Tksf2EaDmYysYWPYw00KqQhMbjjaKZZA6AMGB_ydpR5WYVXzoLrogQQ0wmTvS5J-rJmiFZOGOMRfTRqgDxSZl_95UWkhr7kOEBIIdAuCBz6CBaYcN2r3vxNL1vd5MYARdSxkIROUK7Inj0qBa3iweSCDq0JK5PRz6NdRB61Ftl1MXulS_NPj551JJDnlyPI45XNZjBsMJa5l4K5NVRfbmgqgbLNBnX1BEcaVnswf5PN9srqDDL_PMUQAEcOwazXaoJZIZR-N08cVPP3A99JUpRxzeDtz5HNbfGRkDk3RW0wAo5rniRT7jVU7CQ17T78FXyK5QOpUpSYxCJhKsdkFcQ9Tla9_BMr4YrSwDsEf9ac2vN5e4sqv4MNXsufBPSPnEyx0fjGnzuME-gTDjT_uQZo90QaCZUYAD6V9HIH3KlQvckyYmXJ2Ecsps_N7shf5WJ1AqEAzLrlXJUk9X_J1WI26JTq-2E_GSy2iDqoXUSjNzqRRz8Z-CgGvYJv_fM4V1zsWLbocaN2S7We3TUumkDhuvcf0u-r8lF-R78zEqNDCK0_kMJfaQ4TNxgNIyd--xp6L_1ewzfVbDqbkD5Je9KhzfNj213u0qW-2n_CSpuRRtX47uxfDZf7uXf5O1MdW0UbGAfYuWFJ5n1HYNLQsvVIEiLIV_HHIZmFLxw8UAwWHRv6yWhQWpXfnzvxWH0ZfHVXDxc0A61fngghUlMZ3cTHCUg-eXtVkKo50AqyTEg5LNgfrh1GvMKQd9KQ18G7VI5j4vyMse_2bieXDZIL1klOUcSI5ID9brAiTaA8wYb7YQMRehbPQDOXX6tBhAqM9SWXQUUjjuBa1SZP9l39cyzxNSPLJ0_eYefK_nUIjyjzA-_o-NyQsMgkfauwnAjuvkbL1puVFEWypcmpT1BuzrU5SMbLKdBf3Z2UqKTqtroNKL6rClMi0V6tDQckXDVOWwH-eNSSHJdETDXt1lFM8wenJy1bewlEJInXFlpAl-a6jADvu-TUpgWejJAdw7QLuxQmo_Pi6xDiIVx8JtfAQl3N7KwbQ36mGsQs5JRJxOR-FMYXJUTTnjd_OaCCcmyMfzDTKshsNIcyUo7AaFiTjvOtLTJk223hMM354j3GjxIoG0zyS_HsgrtQkO0w6qtwBUgWXnukkIwOb2wP8cBC5WgR654McPrVOTu48dARomztE-WHfL0L8YHetRBb-7rlj47ZmbsykSzpbkQF1-9TpJaT8ZY2PXC7DCnwOnHRsWqHz3IOtPZ5Ze5hN3gb55umb9mKAz_xe11Fk58WuRGYnVoL_Sy8zpQildLKPnWJkif1sd0G_MB5PiMAMgvfnPhDpylB04CjRlihmQ35i6EVDgJdawlOYzaBSzfbO0vLVy1ES9INg-u2_0SL0BpdhWalCAelRLJ_PiTHldrIwMu5QjoiyRROG-rGCGV5z2a8JTycLC3U9sp-a2d2okwVqMkfRbXOU6pSMI39XG836TWfE8lHDWIc5dco2vMv5NZMIvzlRCmKxiqj0pqWFSwRn62gjZVS5tvajCsoMMEv30ZxTFbFGHjjB2LmQrvEnooobS3RPcW1vbaagnzyz-4vAJR0eEEuMm2XyLF_22o4NhLfaKAxGWydngfoz9qiGEO0hYd4JjCL2dCumtDehRPF5vKL8T88ldfLQEpLWXkZLOUvIFbXZmYvjMZsmYUGhse2ZJdWbgqC_XkR9dInY_EtqN0u-THBA8tA6L-U1_sAynC7yCgV8S5aPPl3KiLYlsWxiFlKCm4JQrpolPLGIDRm2xBvwG1rDjdzXSoAut18IO7Z1mslrGACQJmGvzk1wSrT75vYYk0xzve0E0wID_YCDRr5SGnufYVg&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
cafe /
Resource Hash
1e6a52bdf256f3123a908162e7e216c5f0880d75683f9134532849fbb0e57253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16465
x-xss-protection
0
pragma
no-cache
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3CEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbxu2DvFjY8KeFoG73gOLgrqgDYSFjNdsj8y5-OQQzvjevuI0EAEg1rWlBmD7AaAB-ZzW3ijIAQWpAsXQbvIBXrA-qAMBqgSkAk_QoFnZuien3G0peeEFLVctxET4cLsUdyV3e4d1ao_PqNZ9XcAGVyWnFPiwlIk193mD6HqiHOUqER70_njzJUDXfNg7i--2sgAf-lTKcl8aDlIAA-C_0nXN90KXDYHZX240PJr-pgBJzzK5Iph4Vy4i848kQ5MFRuxmpH_vp1rt6f5Pu7gs6Yygt2EtR6UwKNM8MzJEPkClGcSohhWq6qvMUra4YrGQ7kZkQc4rx590Vo7KuWmEXfdbpWHofl-mKVDmsexV2Y7O49SUKlv1NKpZ3X6U6fpHjPuRrMr7lcuN954JqEjmDMJ8sx1LNAazzzHet9devb733T9kwJG2mtap27ym5bf1BzWDYucxoxUwQgvSzssQ_zbs05ZhxYzWA95CVnPABPXft-KOBOAEA4gF4e7x4kSSBQsIIhADGANI_JbUAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH-dSmvgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChC9iA0YgOHk1gHSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAbATu9T7EMgT6qij4QPQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDExODc2NTc0NDQ1NTM5Nxjsvwc&sigh=gWapA7e-Sa0&uach_m=[UACH]&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&vt=10
Requested by
Host: eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
URL: https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 73E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COnRiDvFjY-GpH9ex1gbWpYX4Bai80IZto7iataAO_ePmwLslEAEg1rWlBmD7AaABjezk2QLIAQGpAkJF7Et1Yqg-qAMByAPLBKoEhQJP0M9wT2DmeQbWYlSXfh8SBzlOlH7Yw7RZtpQv-AZJxXCVabRlD_3VGB-A38qgaV_v-R64JkaCVMi_iDW99nlul2sPZkMYAn0ths1lUtnHKaXdrRjlCE9zz6DOtE2IghFZ5hJxTQdItfWc7IVH4kmTlpVKQhAlQ34rhFN29-BiFf2wfP4JTk41yeaP3leqkE6h-pxpamlKKXjVtli75KpCsZ_CNk2Knxgn1eXR_mbQYEnc-b5iBGORlnn80RuMUyKD5ngZq3A4UYeuLkssmSvVmlsZzvdfSMb0n0pZWN-PQLWb8WQlW8O8xc-6rJAIFn9f1R3z_Sn14h1Up4o8p3iJQDL5VTvABODCnczmA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIGZBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQK0BUBgBcBshccChoIABIUcHViLTQxMTg3NjU3NDQ0NTUzOTcYAA&sigh=uP31wM_IVlU&uach_m=[UACH]&cid=CAQSGwDq26N9eHMnJkRCzB0nRwfgo-HVI7kLZymjDRgBIA4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1D57 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
2036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:15:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E383 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 05:44:32 GMT
expires
Thu, 02 Nov 2023 05:44:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F026 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90a9324853167b6a88a2007f41a77daa81d8cc979ccf40e36bb9b5c363648809

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3CEB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27ff61d4242c41fe3b2b496dee334aa9f7ef3d669e0847b78c49a8ab492c938c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 73E7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62e3c38ed32cd8da8a476b0f246d37dfcdd6cc1ee4abc5fa4c4432cab631ef2e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 276D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR4VM2B6_nX6yyJ--thMrpP1Bv4lTmnz8h8CKGWfd51CA2I2Bcq2Em3Afa7v2iUvn3AwN5KtOUGXxFBFQymMRQw2lUUO6R1y0wDXPUeL7neKvHmBHUUVm68YxaGpx7e0IciIm9IJLJCtVucwA8wFNlOMzwZw-LNJwVh6JAaMe5ixNE88fgM1ImeZ25luWaTHQFzFWFa7P8WF8U7yjhswp51uyJQjDcMxzGwGj_NhtFnwg0-OWSSsrUKNAUw5Dxu-bkmvDo0U6LQbSXEIEwxZBEB9kDHEDX0_qoo5-R-dEFgkTSoL2JpGdQ8h5s1rcKolEZcLrUlATB2KHai1bbs6SoW2hzYRqavhdI7nEMjxJ_obPr-PnfSwAE5VXa_B-ZgaPT49sdBW7lZOGuAsRL-Dk4jIoUjNrYs4FL0as0gPOr6fXHPRF0_DfxBW-pjVdaAo9IpMlI1lklquzThVEoa8Npt8HPJ1DA2VPpBHME5R3uueUZjSnxUzhE-YUMWt-YStP_cJkpIlJEU3LjuihP0ZkwvtxeUy7HmDI7Uzr87mKHaoTYlHbazmEyaDBKFQoCwWTII9KQ2cdxI0-d3dbXk8zZcv4N-cFZsf8NIvCj1SPzYcosCbtxoyZjUSoytPtmcAmWxStO1hNmhkVxjoasI8PT9dHusdiRcZmHHrl1n3_kGMiztzM6SghYm8BPxXXBszfQeksxZbFqgyCdjE2qKQeBaDRzQX3Av8cYRTftDJagp7T5espdVX14gZz5OnR8FMRlo-7SyZxyNOKpBfjZVoOKn8fHwIJ6g-Oc39rOkeegnIVgUY-U5tPGeZMiOji0m4Kbdtt7koCnVVzvTs-12a0lxfxldeEsaTztakvcV5ZXgCNQmUY_DGmV9igCa9zA8kcEP5SOJZOwVF4mD8DSZMKM0mrHhTPRFOqOa_pMnlsSBAwkDuJJDZxH2iRqUSfTv4wX0lwTEVoxwQX1UM0Ivijuuo0DxvwvKdwBZAuhNV9xULzqZv0NP3xEU1sBAaoQKlSh04Ntf05bkbFkrVaRlDWpLojILRk_NVOLSgE3ScS4HozbVeWJ8kD8COgV044CATBdcaQO9vqhct50Pbug1CofEFTEmgZhzZZADPQIkUW425zvbLgfllp5bhJgDlYwaY2QfNA32x9HIE9ZXNacTb1xN0em1bCZy84H2jFFQqjOgMwFSaL9qFpnaeJg2obMlsMHtZDt_HRFHNHQI9zHbxndXlXLmQvN5hAtDGm4R1cRztMHE8i6rhf10lKzQJqR5czvy4GBn2V4kDeQvoKzXe7i_fZjb79MrojvRITIMsvMfGYydmmbPoX0TLUFVBrSuWbEAoG3jmuazBo&sai=AMfl-YSBO73IIaIP7iUcekQFrrcVRLzRXII0tpHS-EwKrY06ccMdTbe4CXEpIGvtsfq1_xsCRTA8DxwAZdoRZbYI5e69asiB93Tdp8A71cdAwPxVZnAkadcdURBowtDVxXuqzHK-6Sl5NESCPg-8Xxoyigv-vqRaEM2HjgbI02hRRRDRoueWAiGPMlMDrNRTlHtZH1ucw-H5nV45Zkd05JB3SqbZb-gmNDhEcTcyGu7ZZrph7EfE5ReyTJUPYtAy3nhG79ICWYDe6sZ1hr935dlXsCh3sRFrdkgMISH4J_s&sig=Cg0ArKJSzJCooyTrbjN7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=313&vt=11&dtpt=311&dett=2&cstd=1&cisv=r20221101.45445&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-oYf6_yGTaAyHDcoc4tHezT_UQ94gkgjY-kbraRsYFHBhWfc6_Q9FQOFf04MZrF0BfrgNYgutgPTAzTTyRb5YypVFLQ&cry=1&dbm_d=AKAmf-Ck38Ii2cj1twsK9e7jB9iNokrlk-wOkr1xS1oPEoujLW31wh9Codq88l-q2RqL4_Tab49-KBUAkRdR5tsa-VCDERAb3R_KkxjIoRFLQUE0J9so28ynfuccNNl9qVHbOxyAzWlEVNw7uFH8RRNO6z3-EShiM1vFx3k04F6f4-x2hrrrKW2TEHxCDBFay38LbBA2EZKLk4dXvsDk9-sTX37gRMgw8bT1AbDn8ytmtuzHHoKKHklxAZQeFbkL1rvBKsyPbXVOtSjQdE2q6E6p_IUlRwH1Zvk28aNOhnOYzHgFAlKSKpbtXZfK3DmRHeW-3LBLcM9Ez1vJUe1ErxeTP5DFxqnIP3YgGYwEkRcqweeExS7sgIV2j7sw1ILTvXz8O9fJhWgemtQ-5mUe_kGVudpX0OWQYNUggnwsBXOvla01DuBgvtwN0CAsgF1om8-NrFla_4LMS8NIQbBpDfszRewR_WtFe9TwydFgz6mobPsEXlbGyL7Rku6cs3J2UdI02oIS-8wW-qX4AM9vNBYZREA8foBzCiLuGO8UOXRQL9Cn6GUChUX3oLI4wR_5Kzj-Bf4M7OGpnqaSTO5s50TuBZWL9eq7cY7mi_vtHiDyqqoLXHEDXQwJL92pOju-Qe81ACZd9kRDlQfJMksUWgSOL44ee1SUPG-KMCwzneVYqE596istpHBNktvcpDrjAmBXdGpGDd9jNsNZqiSomQlzB-7GaId4T2aGV8IEjzIZBCq6c35gtv7kRSRUuW30RYtbwbQa50UbsFnOffJIm-GKEpNYI7Dovlwlg9z2_8MV1gyaVOXCbSkrLwNtHt4MWouyxkuBBv6dj8y5VE2_mPjmQGf1NiTRvbNsI_ER3vaLrbK1Hrxb44sGQSUrzlrd01eimQs1ZOKiDme2ASF15no1Yx0EKby-fDBDCWyO1xDvwfyDoJNoTrAZzaC6XJgseiOlEgkqxvRWnI972FSgWX52NRSaN4TjPyTusLPOdykP8Eg57ZwQ34ID0zCsobXWo5afXn0wIxqvUe1VorcnVBschPdRahrpeAPbzZNgA7iFc7I5v52vv7NwfwO69adJMMGOjHWXUjY0nYYGe7rv4Pbdy-K3SIjI_6ypVtOf-2yefIVFK1c5uEaAzDtmoIgRXDppbAsvA_Vd6andhu4rPZzusZmHHDHcVeTLSRRuNBTnZAKB4jqySWk92-PRl9OfcqgjEKgxt3S3htxMP2-8HF5JMcz4Rq7m42C1-9A6G1t10mIIiVDlc7n5d67J2ZXRzvi-A-WqXVpqgpSZP4ZR723njVNDJNJf9FcsCJghnCtX3xg0dp4Lpvu5EJVQBJ9jVmL9o71jMgtKUUO2S40Qn6oNmXnx5kC9Km7eAz_UGeRfqS-80E76JeNxuRkKI0HqAYaTEzj1TK8hksroUjyFMuu-IXZKQdwo2dXmUT12IDKEzNJsaveVBgzo4MpkESM_r4dFpMIvC2ncdrBnvFAC-hfzj4pVpp5z0DzyjErEBz6vkUf0GehfMOqqMcETFlt-nnl_zcgSc96aSjg5lChnDYDDznQiO6uGIEUDkESJMMru5iWOlrD2GiEePfe0zzMwySBZ_NtPQPloHyirckv3dS_yIfXEZ9SwUbPUAsXcrowDcG8xIY_sfiv2PKWFgd07ugeouyoo8otegHJ4ke1azvIVjfVoGksz_n7ib7ULfqKdj9VKinvkaY-qnu4SDMwOnesqutClu52VGjfUYW2pQjImfFes6ycfJPBs-bUqV2nYSFxRAdiYtmLETu-6J95C5P7tt9FVkfeaDKUhNlwvSVl9znY9Dl7eLVh_80gTvcgvFr-Y2aiZq6Ao_omGvRdV-QsYhHb_UjbkQbPH2tl4GhcOgp4G1V_4SEJFw3u87H7zDDz2sHlvlZHSbicnmXsdjrhpNrFtj4bRJSGsQDOVInKW16Bt12ZSVzOSKp2bWft7AL8xclPO5ZlUhnrlS-JBaFhlmmw5xyJV-kJZwyuAkJiovfp4Nh_zcH-Lkg5FyqdaFPepObtUttIRfFUqMKtz3_z96o0cnDyMwyEwMHfXgM8iuikKo1fHG5K6QnwINEm0x5Xe02YFHXcO_p6LWFLpvUGkmLo_ntwTQ1t2yU5HQEINOIDo8g00VDBZpLQwdhlvXzTBheTVRD7ZHoWJlKhidNrlCTXXFUCVEdZqEaSPEiFyg145G-xMMT9qQTbVjBuPUD9JsjwoebT3iYHTbROvLQ4Wpqs0t9sBS__Sgsy6ANnESi1ei1tDGd9513Oyehj5wgdKym0kkMTDnZIA3LRJWK60d0aX0c9CMtQc6YXFnzzBQrl48G2DczQ2upVhpI8k49W55ruxqhQKdtwR8ZmyauEcRv2ALyhJerqg1PO4S2L9ZqyxuPcDUpkPqneez08dCPccdSse4oahn75T6QNqC2tVpzcleDl0cwiu5zKn_79U84p7VMLhLaIx4YqZAfQE-DlltO7ItIvToZNE9_Q5yGrmlrCkDyA0KjG0Q5517mOtDgAoqlYUR022FSJKEI8sXWAG8vr7PdlXGrsDFSDqH_YNs-RiIXbDc0O0B1c5i8bYi9mv9UYYmEVZHky0-4Rl-dnWMVapiGgKcKdgqyXQZPOMi2d63E5PiDn6pBxPQGSi83SWjbdvLiBLlMuEnI6lVhqPsetH1fi2vgllTg4G2OsAcUr7CLzlkIAot-NoqkOfs_8tu4Mm1YysdAxIp3Yz4RbURyWm1AgHCXSLaTO8-qEycktKCMCBi0B6_XDsEepnA5XqQqCh_D0xoxgO0nhQwfsWlgXYppf-Oy6LEf2MI9aqCVx3nNr1uW622TU-V7n4x2VaNoZkjwRJv1zW3-U1Qq0ozRzv24ANNV9f_5e10r3HSi9Ifxy9dWUZmz3MptcD3DQa9_GUaUJm4oZi7H34FkhR3RHokoOxkCuYzBApEznGDxNPr0OlRz2OQ94gRhUyJHVfy2mOJJdcImKWBPx9ILRSMtI1dcVBssG9tul4guRXeL_ZiMvtEwJOId4Fh46VzM6KL_TdOLmjs9Rhp1eHs-k8GdPsqfFFDkvcri0Abiw98QEfqssXOWm18nR7zsEPjPW64C2-gqmTMDX76TCXJQ3ssr34ls_K3MvfwzJMvaGzhZlT70wqt70m58Up520RZ--ZU8SczpGVL0xuftixz5k59m1Z6AnsZOsza6N4qedJ64nAFMGvS68Ic9vGrqJ7k0TzihBpSOmEelN1pIeTzP1GRVMrAfTrEf4crNv6QgdU9tpc0o-iJXiASrsFQPvD87QafC9kuCcGNQWYJPf4YSDLsEEbbgQw3Jqrx7HIGq8FMG5Upv3WnOTWTVOXyt9rS0qt8qHOsYKo1iVPUcok-jVsZt0mMmLKJ65AJJwpuJ4EMHwSbUUZsicNEmW3j2w13k2-_c-kZpKr1oaAO3pbWVLE3nrIsleFwD-3M2LfEpufsx3P2XLVed_srCoAOgPY55-Qp6hPdbRrE-xBxYu_3kIHJhUoMMmQFnd7BK_Z6rqssLEujcs4&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
truncated
/ Frame 3958 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
817a378df56f074b9785dcce3f8af5bcdb7accc6e587094cfbed07409ad4a854

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 7163 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1g2OmUSAZ24co_OvZvyh3NaoA5pnC0TmBmkit4bbHjluUB4Y4aEGRpgdg9hW5fOjMubmpNDdpGXykgvy52e9-UIfp&sig=Cg0ArKJSzLww6Baz-Rf6EAE&id=lidar2&mcvt=1097&p=0,0,280,587&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3746994897&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494158443&rpt=1346&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FE87 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 05:44:32 GMT
expires
Thu, 02 Nov 2023 05:44:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2AA5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f299e07e89696907f6e616bc2744e84daed15930d19f5bd281beecb4527c91d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D3A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 05:44:32 GMT
expires
Thu, 02 Nov 2023 05:44:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 70A5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 05:44:32 GMT
expires
Thu, 02 Nov 2023 05:44:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2AA5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQVvaL4a5UHp0mhhfkK1OXqZVIW1FHVo5UWGU9pz2-6pDmU5W69m_e0PCSxI9j19nzsG-3L_t74S7WwoH4Vu0hhqzUwQLo3FB7UUC0drG6hq6RHhTwzaA8gTWaZpHM4VKwCAeZ_fQ79jwsBynvPoGe9t1au79TBPu33MHjQJ8srQEtz_jHBwkfLTJI3Rm9WHKAfT267mUho3XZj47veeVoVfDuRMi8mnBmikLLo4kZqgFkMDcX1KqWkS6Ffimsa3WcujEYC0smOs8RRZGhVquBLK9jX6Dv9jPfD1QxRi899axBugv6zbU13PO7plL8q8QOcsY7RV7Xv3Lpga4N78ZDFZAv33u5wwt4hZRPILq_KndUzP8nsToCM1A9nyyYU_UYqC9QyJadvHtCTURmDXJXJAEsfzVN7jDQ7gcqmBEhtFHpOJhFduFn6V1QQkETfOl1KwwpJ-bkZBTZU9R82-_p9engMdqjbF0N5maeAyWL2vacCHjrVc3gj6EPgFQxjQTMOJwb203vHPSdnERnZFBY1jMnYTIeYp0Ru8al_3YGuQOfL1VXV3ygtqMCPsjB27-VYmiBcAlwb-MDnxk-SE3fszUH-B-c9w6fqbjJwGmIQT0nH_R7LSGHX6HcW-9K86M-eaOgI5RPFqnLu61SNkLCFYNf3pbW6Cu4CIYsVsJ2eFxfJjn5hyNjCdHwkuseHsT63eSBOVt2YsezVAGcfRpH-4t0HTE0OYYno2Nqwd7XWmbJseQtd1Eg-Va667t5yHL0C1alt3vG3JuSDqdZq_K43Y1oYpGODMQphMIbBYVkkdIsqYIkyMyZX8WN6l5N4p--wsfXx9QRSdh7EabnI4p9RCPh62GTTaS5Rg1JHnqqya7UfxWTyBPs6ZI3j9YALJUxw3JBswnT9Kg9iPdcxHzRtom8hbrLbo0sf-liV80c9ozbcc5nX0X8_BqR3IIl4BKzVyJZDIQBkz5YD5fz7F-7UCvKU_vmLhmsghZ4_XMSQ4JxKc3v5Ti9_Geb0lCIapQX5zidzoiV9TO_M1noLbIt3GoXpDf50H5RczYTVzmNPucxl18ZOzVr_ln7tKZtcteHdIR-NvHQ_dNmY2r_z2Obc0JH9pO52HeEal2E_63iEfF0HQf5FRy2po1A_Ma-o0nVWKtGt1R7Kj6jV9sqlAclAKgGUMTrTFtc9biboAsdz_woHsJa2zobGMUUnHh58mP3FHEagBFhtaX5EHVmQVnH1JotGsThDrflUkzSaEjE5XiEKK_zO242KsGVw3_2S_NBDrGaghj1rXoA5VJRQOCSLG96h38crG0LJjFjwMCcrn7kHhUYWdKdhY5f8uNvNcaGTSOLbtoJ&sai=AMfl-YQ6DYFOj419j4HC1iCx8KEKdHJPvh_Ke1ot7H7tVFwT_zkJlBOj-_3BRrFjP9wYE7ssMeQeZtPkhQTXrUHsbrJt-9yXMvXMdZYDToot-LLUsOs5e45ClHqSc3UXxTaXwFCVY0izXHQ5uFLglWioAmULZZTE-QKJVRqYg9I3q9XAz7OHGWngJ4XDZAxhpeniNcFtfYD-RvaV5Cp6hTvbwlkRIv0zwbZtvmtKlThfctZjcg57G7qL3c-D8uXuh0eE7be2A9YPOxdvAXJEy7xCZnSt0_PakyOsFiRQ660&sig=Cg0ArKJSzCwsKvWodwe-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=289&vt=11&dtpt=287&dett=2&cstd=0&cisv=r20221101.54311&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1SEijViJIrYRFDs5IqtPIAdhgHBwAR4cL-ShHgcwIR01HxiTAn_Z3kjLeeD1r-AOTMRouq0R2XVWKujuSdLGtjkEdvg&cry=1&dbm_d=AKAmf-Do2YN-xCFHwUMg_QWBPbUwmAl-oERn26veBWwwDUvsPSedPC-qBpV7dPZOPb8dkJzHOmzOYUiCEAwFWdqm-mqm_K0tBWpAvto-7GpzMOcn2B5Kf5iYQsrOFoJW-45lIafRUiPgel4QtLZXDgBa3_jtAkSrkPDiH7OoZZ1SpZzucybF7HHe7OAycvy-37faXRDlaeslkcRDg-xg4nlCtrvalfSGaPUtqxKM2SzxZkp0IjSRLzusR-M5XfVKQZDxfcScm3E0ZOOrsC_6TExnEJgX2ks40JucindeqC6mxRrI1x5Ugek2gq5FuyJn3ExFIfMipPT-u_Pgw7Damw7qAHLoGz3GdHHu0zRT15u5G44GqwSIicOQ2rwBIoIA2gUw25OfMngLsUe_mRJbF7HWkgSIqIkPbno1fmxdmiwsDcE_HhGP1h4S56D_yX6Xu4YdOJJpEmFJ31Upk_rDQTa4IYlGS1Mjjw5XQFC3hOt0S3QxuDFVfaw5NRXost1nOKSMacx2gsCKbPmMUxww-uLLerTxJeDncc-RQVwIOLf5FwrTFxTaLo6MFFlZPssnB-cKYyq2emCi2Gn3lB5rXpOdwHl1u4vKOiBXMrUMZjWcNV8B_kB4ackx6_iKwo3IN6MPs0rZBdd1Zti8HhpfQhGhn4F7kSTGllAf1D9dowsyraZjK0gebYsFCvUOiff_q2lf5Gs4fc9y8NT9F6FkQvyRxMJCOIp_C1CF-7iVaS2JzwUpO_WDVt6cqJCqtHA8aHUju-DIJdj9pdZbYEmgLTe7YGpfeG7ZMfTwKhm1iNrtlbvDVxVeUAdjuuasEJlEJraWljOsUdLSewWf4GPWAxdSmCYIPn1D4ABqDgRPNw6M1S0USLCymPlUH3OBqqD7kMaDHEyLvs-LwooLXTcwMz7dHH-o01dKy2S6Gue49iDY1cmtXhCieyu-GhYtfAtKalzDnxuhdre4fa8Xpb1MEB1HSkV7zxkXpkLuxj-QVTQzL1kZDH_0drXrYTZZSdvOo-mQtU3ET-iqCpXLNF47ndDrsT0IO2367L_v06sMmuPjdwIwvFGIJkbpjmo__HeoidUSP4gzfjSw4ufPF8uWt-3qMnUXglWD3s6J2esvbHuDtzpH-yFHblq43c-oxgL8qZNJ9IDan8R3ExMhOiHKhBopZlnBJmv-UD6Qf9TVrHqyP-nX73bI4B2lTpBIyFCXsXgnITdk_N6vX7VT7uGinzdVFhiPWvS2kuvoWZcRD8gMEKBeZaFbsBNKy1rRfbWpkhFK2Cuv6DK_Kt38gTEemq6MdMw2cHy8oBrUMqqW9u9sEF00X-99cmLOWEi90z7LEkYhxYMugHMPe-VubXVi7r_-29m4aYvrlHb5DaqdNG75Jrdc0iwzh2ylYSI8_o0zaFs6B0gdvmG9P0aXemEcg3XqNMNAsNS6OR9GV-ZaNCZULWxmPItwu_Nue1yV3Nu-RJ55XkKgeBJ7bqhLhyV7FXTO8FSoXYLxa7LWYTVRIrEU7pjFkfeJDyeHveXA53PWLqn254KoFT5P140CJ8omxj0Xy1pE-ZnQDNtzzu9R-KPPLgNqxM2C5qSTnQp0V6PIA6Qze38Gn_luPG4ReLPe6JXvVhM0aCdFRdlLxS1ElJKhm6MUwlbq_YjHhnSBycBzfkWqWjY__UxZ9TpR7d9PD24gDAdt9a-tYMRukV_w-wcIbNuCBpWiN-b2kBNkAkmcT8BxtyW0PSFu9zZZW9LlnhgCDIaEEtazXCsgYLWT4sfya3RPeSWmY7qWAvzShu0WDDJmS2yqZ0alWHUknYmwpsL-Cyzu1B8q_mkxHL2N3gSNbqI1JT9ZL7Oc-W6pO9OJ1vteNQ7_lRf4vciuV4b8MrqGuBVO1re5cEdf5wYyzGe3m3JCKOj9rRQ7ZHm_Ent_XSPSKwS2xSZ-0wqcLRNaXsqmWzcENmFbshOjCdaE-rm6oaiKBUK4dc7pNAythYCNWcDLgj11TQPaKxmXJgi2AQA7BVASEa1mhrC20iWNOxfTg0G5kUF-97ASeVvc4K0mbgXRA9x61ZhrKykkGKIZ__y8EHnQhiQETW0AumHUoVm_GKMpSD2-q67LZAo397114kl4ev8Wxt31UQ70Bq-H77tE3fHgoHIFMHsshNDw6ZjNHCf9EMfQfF2i6hFyuVmN84qkQQM-YRgynOxYpQqLnXNVAiDo3k0IKMeypHSOP_1kLyPK9WErEg5I4QnYjatEk-awreHn4_A_SLosGbM3Ctwc_871OyWVgzrf-G7f2_3MpLpAu_9Ius8kRlKdPKvXFB_tI4ninAQ2BBP2cWQeafzaZ-zK9d5iIDixFzSc0wEk2wdmCghaz_ZMgp1zSWFSdndY--ff-Fak9Ze1MErBnwDIhoNeNWVZl4Kl_tAwxCcp_A__A6TMg-z1uDL5wKlGbp7zACXDi3pxm8GdsLyLgltlGz3SwIHgdQroe977BBmANxiFE65y7XtmqyUMztnJ_3hYB6F8mwSERR-FEbI8Xqf9lpuu6gRhzNdBEPUAyWOHFZ5kn_RGkbzTQSQBXtpM4TUPI-ZDQPV7hvCdfG4w1JoGt0uzgDPJy278UBzAw5-OhKww0NwtxLh8xh-PL-AZSJYqFMRKe5iLOvA2BtE9VIbO5PrjAIXSCf67P5ZWUHpNM4wHA4YBfOYAxhnWNRRlHg_CXzC_1JoBYHJVP4Io0Tvj519UjT7PEAM5absqL1tCRvACRd9AcJtQQ_evVU5nH4_Qu0_oEPZhwgwYscK6hStkvJ5sCKoa1tUBnrbRevcSlJCCxfh3lPMA_uGytDIFZfuw8cq09vxHFC_xyeUE3qtf5mR6HuL2R8yvnU6EIx0iEqOvMfvX2ksom4c4rZFpqNozRz9uYRW5RdSL8K-EOuSwJdF-VdT44HjnUKprk5-ZCYhtbR4A2s2B32wWLv-vOnOVNYOgEA9OyWKrZqwavxPdpMcsapetUyVzPcPFzM2nYP67fHnmFrF7l-pwQQXfSeceGBADAvN4F8XSsfOvmJMYN6e8i7J_KyUJ11ItI4Km2dP4RFvN1VlV58sL_omKUOEz-o2JVMSrj_hiZWx1YPauhRm0s-JEAp6j6vPCCU5blQYrChv8KzqkcSamVd5WrL-8F4dzWIuuh7tPGf5ls7UCkw7YUSO09TsX7HV09p7HNuKs5g7Gl9133qr7SfHr0Xtd03Fa-8uTu-_fWq8nL1lQipeihn5wn5kFVXvf6brtU3VISEv5OBzOXe8dI04EAh-2Bsu2p70cWx_SURbMizitzSyZnU5IjThBPQzkOUxdLUPjH_1tXEYg8lHuoU-6wv4WWxjXt78WiImCfBjgOmQbunM6cnwPmvcU_GeDy4C6IujBYxuwY279FPlnJX76UVlkpohbgnqx48_Fa9Vx62W0Aw9MVpq8umpA67eyMZQ2HJrY9O9XO5f857sy7IF_oWZ9TkLkYH2GJpBxADnzGeKCZPWyLaO4MbVV62yr7CngqjmP2zY6Y_JbAlN3AEqyATLYIJYiRzieQFIIxsNBqGigODUqiloKAr269gfZe17zc-WP_1IWGSh6cjyaE1wjcIl4uT0tLtkk&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=1%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3958 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVETyJdvJBrjEpA3BI1pIL5U_NxdsIcEQXy7fsB-3pv3jOogrM4yp7A8TDuL-1UBONnA6Bq_fZsNCE15psGWwvnIQ6GIusJJ9oSp8QzBvQB-aG9WLcuEP17qcJXXG-kA4BDK1K0emCq9Ii9NMTXwUzPDY378jvCEw6WggJXGJItv-ozkF1g0QQZAR2OVcuMBmyY40pyJMzevW1aJxe8wOUR0lXU6Bz4CMfbPflzUTVyoOZ33q1lM6ETPEqXj-w_sZgQ6FIsdMrq2calNdySKtlGb_BwEG8UZtcKdY_R41dm3pIzjGlWTHu0GRgIUROkQTdZdT7ijuG8dsHXOoqk6RAgLb4uOLoVmnxo7Pj_1Xwb0nJ-V2HjC9tHohL4PgXyHPSYiIbcwwlorpC4rFV-daKk8ZW22JuPDU1TrLn5jUPO4wE7IoPgX5N-weaCSfG2D-wOrTI4eNoNeoljPD6bei223ai8qquMBeIRDR9KFqHXpQ0lfK9fsWNvLy1W8R-rdgc0wuQS3RLapYSlxpUL7TZdEFL1NL_vXoFeOe6bzD4k366usGIaD5PTwofvmAoS3BID9NY_hODcSqXPH5DuEbHmsU4aOIWrTYl5t-Y_OehFNL11QOx221O3b1JBCQjVbMp1lgJWCfAJd940OKfQJGdU3YHSJ-d1l6eqabJAPI7PItxoh3Ih6jQqRvUW3SnWmZau4x01KwYUfr-zgpCXuS30rAdTAc--8iiXYENIG1UkLcaLpHmj79L6A0LyxGNVD0FhYwv7rpxEJMKb-xlXSCaGXTe4G3VkRewEjkJyrL2fAVLywezSLTsqCVtAqrW9_BePOEIEpTrVHOG2DafNZkfAvk-z76An6aRl-osPdRybQXRPYAyTsyFtf2rz-FutO-ejdseax1hcSRHG92bLo-rfUdfuShf8OdGU_P2Z6BX-8NJT1V-l6UclSyLYP2Oes_qoG-j-jXKu-tZcAB3AaEaaYaeA_Jgw1m8oB6Ig2Pff4LOfw5G6Ztq5jojzcLA01cb7kvh1jMTMZ4xHAcX5veYXZRQJMv4VISsQNnYewnGL5qCmrxrYawNwY8AsearEAcnkBHWvJBvU9FgI6mLZ-gPK2LCv1I66YdSNOv92no_pedVoZ5pi7qD4L8UuRb6eJRnyQSLl4CO8J45QA-MjIkMGNjVlyiaEv5XTOkjVXpORCMf6ntErPE8r76OBnikE-WZ7aR4QSDsObg-Pv4E1ec7bldGfSJoJneX1ANGFkafGs8NCYzulAbZRTzklXz38aP-NkdMtFnhuYlSUcZdStdLlSyfTSOc0whzw9XjT3b0cfY1NwDtF0fKqtr13lG5ebuMLd9jVPxo04A&sai=AMfl-YTUvoelJ5VfiQe-RcqFIW_MmgSJm-WRIo31GjzXT3Y3GhT_2OgO-e0CqaW75Es0BtPvVzrtoo3RaWpOcfl2Wua0GDH1u8-AEP6UbwoWSNn5msTcAwdw3JHmn4HSOzwxiXJVnSUFTxBWZjJs2I0EUuwJoLx85oMf45U6j-S4DThqqWrbZ93Me3BKRnaWhG8N7fcLnl7Zj-_ZA4ROF8iNKqNi6C4NNf9QX6s50XEgFlHwmgsL-iOrZBBULeHKoq7x0OWfOoHWjMoC6xH6JWOKjZpFK-yIP-d5KNwfa2E&sig=Cg0ArKJSzGtTtOAeqHtbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&vt=11&dtpt=280&dett=2&cstd=0&cisv=r20221101.50388&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKTLG9d6WGIfotY9WzZNUI9h2gyPSfCrowkSZMxyoDkstNwzDNZS-iVsSTQUF7DxOtW0hVXeQE8UhFC-5MvbxpSf3woA&cry=1&dbm_d=AKAmf-CiXeOz1JQYIPo7TB7BSbpB26n43r66n-ad-1r9jXxEePiUd3mCf7uEQNKLWgrg2B2nDQwEIF52OI3kaaE01-_lOMFnw6mB-yodCNfQdSs6E_ki6FqUcNTWqyUydam-5te42u8BGPvDaTAyvnhIf_CWAyHt_TKgWl6ELnKAUnMh125dvcRNzNgmvAq9ARUlLu03iy-0q4olcTpAcUIsar7_ANRxjx_1-H0zRGNlgru5KP9H2-NSZJrUXm2Qwp3wSts_rlTL3vPzd2P5-ZXqMEflPCmsMeuzMaKvp5zV02XqiXBHY2x5uWG7Lzqtd_qsWbr10B4gbq1bG9kAdQivYXLT-l_hYAEL6KfeZy2w_gVYt0h6zUcwKLD2oc5YN4V3st1ot8NXj9zG1prxxLZjlprh-fc0vNrh9dulZZkny_-ImrOETbDO4YN90aGIs_mirBp9uPGrOg6g00c6H_kNoq-wEyo7m247MLlloO_ExZsd8d6IFz4YrlCsFRWppDX0MSBs2odU_GQqnIGD1ZMx33U0C8h-2GNuCAgvs9ZR7pnnXLn64w6vbNRREJNr0FkjsHT6DkXyx25WxWTs3TQulvnlHPvCYfTIle1iZcwXKrbxWUzgN9O28TdqcqndhlMMa0jo7dU973ncYNNOSOlvy43kwkJe-HG6rE1PEGXM2Zw_q0-53bkgsyAWqWOTXNBBHAQK1RGafQ_iYYDYk1YcucmTs6xR_cRL3okDz7Rz_VISLd_813Zr5unD7eKAiQuqwo4Wrt7nXlrTPmPNoS8Z8MwRmPc05RNuyx-a4PXL2_tT5djWEa4ZYVcMe--Rtw4JTsk94kzArcwkNO64Fh-e9AgRGfJfGf0-lHB_xxGzPjwgFJOaP86XTLNTh-9yGFxN6AY5Iq5iInDTCIwxo3ATTzzwLmBjLSTEOemmv1HRyrXMsCmPKonUhn3aswXrudKx9pO26n_lkVmm1CeEjxC7beyxjBVPWrRYunMSluaYZabb2eOOshk83Z9QF5sIqS74CwOzB_Bp9RYkY_K_fLVE3Lm_htanIRnTQyJCGLA0D7c9Zdqg10VgRWF1MO-yYpukMDySBcnM0F0fDSut6hthNEWsYvcIwzg2gRe9Hd_FKLxa4kL0UTO--7cQr2mi9boTokE1OH0Ypgn3cIaEBHGElpnBA9nLBPsFSklRJ7_kZ4YupdLF9XZJWWd570giqPInOZpWn1OKkaJv3ZNQfHqiLNmWkr8hT-fDaucIu3I7jd87_o6K1z_T39EIMAJlKZMbzo5EW_di6-KybfoNid-BO4yBjxBzyKrcUejw6qKfIRv7jZ3hXRz24aXHqsbpQ92Uzw2Xg0OjRe4csxt6lq2SyJIX-GMizmoo5GKMcwy5JD6FBbnaqR_RUXP8XuQhO85BV-6ZNd8MKgDyF74rJDN99hjpJje0Zbvs_-PHjKNZu6o7uJkXx95ihd7762Y_pyEw8zGphNDMXb7ap70tMY0rsMydzsi3i9VZSlhXZ14SfSY8sjpuYkmRNF1cKjK5hYmXHSMXTsUPxC-FfnuuBN8MgO98Xbf0Q3juPjUqpg26HqoReHAjfPYeUrMovW4n3T1NvzCaQfwjKLl9HKbVmMJz_vSlb3F3iytD6NowOSUp9VvH2kCF-npdHudZWEJfsYtTd4ieKoHHhXO82OOD3W3sKtZ6pmYW9O4BydAY-Ow93yehNsTXA9jS253dipeb1BxnhEHo3vuaAFlAT2Ma8w_l4i5hyxkKkWINyh-0bHtT3AEoOzPr5p8rcuiQeLENlCXoHP2M6wH9IR5fannTsfX-B8mYlz9bi3vGvizeFNx9XAFWgL2JZ7CxcDvrfEAPM0OP3wtFvHaiwKA7_Wyf-iynPHTh0_-rrghUiKCzC--jPoCV9hvYGSEBanZJBUwts27476cuGdbZlIXOIRPm4Kpo-5Dl40vWVGktvw_V-27IzmlG_hLn50OeoTH-bI0FLepa1L3kZdb-xFwZsU2BTBtbsldkHJTKyL47baMmRGgYcbPsWa1YlAwY4uExZqQDK43tYiV-x_AzUAF74_kl_D8OBksE__wv71z4URYpQTQHsddRCDSj_Y-118eyoDa4Cc58uZ3EL2O-Jyrqt-IH9cpNy4mEqd7-tQ64MXwP1D3mCtM-gMJPknxonlpLnJ5qhpE7N3He4todPe7uTWMYMw8ShEQUkgA4hc688xDN0Vhzld4Rpoxkt5E9YxH5OapUxv7W-gyx2eya8Fhe46ilu6SF9EejGPQpkADzWS0RzW43rcccfvbIw-cGkOwJTWVMwN1bE7cAbVRKjR8QdyfpxA-SaOehNJnOyqZAin824ZKitt9wri3RgrLtO80Pl_wCZxKvgd3y9yO1XhF4_A1j6i4pCh1VxxttqrRkUtdAvTk0LN5zfeVaKDGtpdyJMl-yvdK7ksY3G3-95cBeY2oRjmPgYWgD7cN3JESL_jKwlhQY0DK70Wwx-LSKwbFK5imzJM3BY4v9FvSOeOw5D-dNcv6SfCCJVroA8W_x4-lctC6W6O_18xi0rWbckziq30l5VFN-CG6B5i16K7hBxUkWsOLpuG4iJM1iJwotQmwQxywFsQbUAuPKE8urG69XGtjlf4Z6A7QJwYW6sB2HT_kWPEuBG5VoBgFh_shR5sLhsU9AC41cRpYuvdX1lQpLxCkjYFKyRCf_49HnLkgwpxpkI-sAhfEuXVxhqi4ba5qy5xufG1fTWvIgUKMk7TTLqoAjDbs0QgTF5bvFhzaAf8iIsnbwUSstuaC-edwsdVM4gGyle8oii1jG04jgYavT9ku5UT5FPgSKqQ9dgf3HgqXwtRnWzEXoZ5uQDSke_D7Lj7bhAd-608YpUXOPLuOZwoMZiiyv9YmTpE0oqxLLKZjCjx1qdUNNJZdMKGWBIVvuVcVFSE1O-ZAhRDD8eRIUjsuvM6haKHb9TnIV4Ud_5zsyFEbXisEeCVDRvr6epqoNTWIPmSDh0gmZ-lyPzTDfHhSalcg-mScfxMBvFjmT146FgqdiiGvBp3znRAM5mwGAjdz8ztCDIITL3hypPKMtATeSZBBw3zisUNmzQ798DJW_j5Xmd-otio1c7s8HLzpeYPCkWpqLJ1XVPq1u-3cYLQ6I7bRoi_JBtVwCyYLuG9389NttqbQ_rGtFGHBoD49nGo5Ar2SeBtqzT025uYcDH8UEy_Q502Z7OVmmxMVjarBVNjS5urqdycifvClZfwz0WDTz95RsNYDCumdvOG-2y_Sv1F8nkcjwt3nEymAo5sXRL7wD810vour-duViWIs8toVzgh-kWrjAOq-FF3JUCX6N0jFlN13OTQkb0ywPr_bdiv1P3PBkSg05-i7v0s9_2esRJDNu0MI5pvbjhPbvwPvzfJ_prUVOT8HEPZmt1www1g736eEnDeipopxQnz4jDmK7I5Ak0sGGp720Xyrnkt5fAgLrnvYeyz9ir9XZjshX6zsyI87YbaOBv0ojpUj6DqPu_a_yyiWB-1i714KS0kNKlOUseD7hAPr2&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&rfl=2%2Chttps%253A%252F%252Fmicrosoft-office-business.updatestar.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 03 Nov 2022 16:49:20 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 3CEB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 11:28:47 GMT
5
r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3CEB
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/089FA6E2CF1123A161964DAC41A6F626377615EE.484869E971F5ADA148F3483D04056F34EF747C30/key/cms1/mh/pg/pl/52/redirect_counter/1/rm/sn-25gk676/req_id/5520b9fe3ef9a3ee/cms_redirect/yes/mip/2001:41d0:8:d154::15/mm/34/mn/sn-4g5edn6k/ms/ltu/mt/1667493907/mv/m/mvi/5?file=file.mp4
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:d::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 16:49:21 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2171882
Last-Modified
Wed, 28 Sep 2022 15:16:21 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 03 Nov 2022 16:49:21 GMT

Redirect headers

Date
Thu, 03 Nov 2022 16:49:21 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/089FA6E2CF1123A161964DAC41A6F626377615EE.484869E971F5ADA148F3483D04056F34EF747C30/key/cms1/mh/pg/pl/52/redirect_counter/1/rm/sn-25gk676/req_id/5520b9fe3ef9a3ee/cms_redirect/yes/mip/2001:41d0:8:d154::15/mm/34/mn/sn-4g5edn6k/ms/ltu/mt/1667493907/mv/m/mvi/5?file=file.mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
null
Content-Length
0
Expires
Thu, 03 Nov 2022 16:49:21 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 084F 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: microsoft-office-business.updatestar.com
URL: https://microsoft-office-business.updatestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D57
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:21 GMT
expires
Thu, 03 Nov 2022 16:49:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:21 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 60D3 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame E383 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9E36 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
30389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 08:22:52 GMT
expires
Fri, 03 Nov 2023 08:22:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame FE87 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 8D3A 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 70A5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
all
csm.eu.criteo.net/ Frame 2CFE 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZJ6-nKvIoenLm6Z0CL9wdw-S361y2Hym0FI4AF7mAnyQ0MY1vGOwsfTqEKr21kbfACrzz72Slcs9GqqEJFn2UuzO0nTSGTiVvvX13bg3ogH73XV6Kq_W_3hF1Iw5ne1EaXKWTSOz53ybSSx8TZwYe_AjhfTCLvJW3OgKHDKKvVL0bdTs_WO7_hmN_a9PVjFpZcgIdR6ZQ4XWZfb06BAjUQJlIf4vs92bAdU57uFlLKC8K_mAUPgi8mAYGSUv4fUZbsSEhw&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2PxDgAIDzMCHkzyAAMRh6BAQYPVQrim-BAawg&u=%7C4X1HAoGZIPRW5J1vFEZLDgdvjFKrmNMB2t8f%2BcdoJzc%3D%7C&c1=jWCgqsKSUoVA42tcNcdkdwFB4TXIwTe3vqml76r_F-idWeQzddvrrfc8BBRqaqmpp0In0VDSd0CbpHWurql39_agZP6kmpIAcWYktk5xa5hRheNfTdsI6TWcaScSoS-YncJCYgZXZQbG1lYfDi8pVJmZP1T2QCAULw5sGY1px1QILlSG88vjsnSrINXfMZvlKIVXExllK6uQmDI7ya9NrvJgQU-21hWU1I1EPh1h7G0NuUzR41MxecvyyecctqaMLGXBmMqDOQikKDK_OyQgnZWAPgx76zOE9Mt8OAf90cznN1QYTp-wsV9UIluJUp31ODO_hexwrtwsqIR1yNZ2l5Y1htnyxLaMHw9QQe_iYCCfdZ92WEB-dQpY-S45QuO1qGOs8VI-ELX0U0zUdaSkz0efVCEBXGIkaLmW_Rsx31NOV44jPoOI157sxi966ScSjV6YCTiiX5Lbnf5_wH2aGrYR2fQ6FyoPHcIiM_yo7EWIVaZlFKJP9Q3pt2PNVk_ViA7tozezX-CKaHH-LrzOVllduYZIJdv0pmQ2CX1S-aDvjzfeqZvjAZJEnXQLdBFQalvNgr99cVBC_80lp317cXRWrq_WEHpuSDL3ItYDrSv-279Uv11pD1vTYUOinDV8z76O8nMgx2A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSnYtDvFjY7OeIPKZ-cAPh6OM8A_JntKxXNX24taTAcCNtwEQASAAYPsBggEXY2EtcHViLTQxMTg3NjU3NDQ0NTUzOTfIAQmpAsXQbvIBXrA-qAMBqgTxAU_QFMonzmZ00d1QCtdyoMXDl4RArvAwsP_ZvmUGGA9XecZOQ9OricjlhSwghFaoewv8eM9Ie5XHn6wjy5QSG5dbyBFrTNLtxMHnDvrAQOebzgyZzkXqTaWY80zGIgU2Z7t44u016-fWx5l5v9n1ptYudIwN4jM64P7AeWSMnBwtnzCLXJKapoFlp-E0mT3ikcyniN774EMseyUmlrCdArq_3Slwg5TOAKhOr9BvSkDA3PXnItFq-DqMD94vYVEQQxg6Jjf5lVqMr2KqgZMMeclYCeVS2XWuXiCEPOhMxD0eYkAVA4LjYgq4KEdEkoKIDCKABtWA-b6K9eXbf6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2rmRXSVwnzz-mnQQEGbVEgClrIFg%26client%3Dca-pub-4118765744455397%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 03 Nov 2022 16:49:20 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 9E36 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022103101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdd7fd40753c8befc8265d564da042a8615b9c9d68974d7faeb5361202481438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11088
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 16:49:21 GMT
5
r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3CEB 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edn6k.c.2mdn.net/videoplayback/id/0e20f587e1ab6e4a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699030160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/089FA6E2CF1123A161964DAC41A6F626377615EE.484869E971F5ADA148F3483D04056F34EF747C30/key/cms1/mh/pg/pl/52/redirect_counter/1/rm/sn-25gk676/req_id/5520b9fe3ef9a3ee/cms_redirect/yes/mip/2001:41d0:8:d154::15/mm/34/mn/sn-4g5edn6k/ms/ltu/mt/1667493907/mv/m/mvi/5?file=file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:d::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1049975c8d07e18949efe11b0b6dfd523ce25116d4abfe5be27439f258665d2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 03 Nov 2022 16:49:21 GMT
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2171881/2171882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2171882
last-modified
Wed, 28 Sep 2022 15:16:21 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
client-protocol
quic
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89A5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:12:27 GMT
expires
Fri, 03 Nov 2023 16:12:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CE12 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
79008983dd2a495d1303af71468ac9d1201ee03b3a3cfb5f9e350509059622a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EdLFbp7H62ZCGGXB_7IAQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microsoft-office-business.updatestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-EdLFbp7H62ZCGGXB_7IAQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 16:49:21 GMT
expires
Thu, 03 Nov 2022 16:49:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame E383 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BazcCEPFjY5-YG-y6x_APrfan2A8AAAAAOAHgBAI&bg=!mpmlmd3NAAZPh4lnb4c7ACkAdvg8WmG2acFJ4X-7VmoxLLntMRU4B4WW75w1jTnG3tiQhs9hafzeFAIAAAFbUgAAAANoAQeZA1S0F0Qj6RTUOPF5WDeZCoaToZag_pZsmJwpqIu14mo0t7K5y7KCrtaDR7nxdScBJcZbIbZ1S_OjuqIqEcJmqnbqSjfZcyuHahlS1Zjp7U7xKMPziuyAv_tcQVREIEgRJ-N3HaVwFzB1SsxAA6hYzOsyEcHq0vmLu97HGDsmp5LNGAHQL1hE2DPPRRjQWajFHuvuwfvWYRSa17YtrNyAS5mtN-4m43WFncQerdRPZMtuJQgl5FlUnciOPteHjqEfo7KAqoemQHP-K6X3WjExba3qcwt_nKtAdgQDSt8FNkfimw_WANxyM1Oayb5x2zaAgWLZmd_ZWtqb1Eq6KqXFy5k8EnlF6SoL5GTgMxXqsEoZpv2xBT-Eh3HYvl1UCvsqISlFaAyXF9i6UHl0QrNSqDnfdAU0_oHmTYKb4zxvCxtbxU-GQ1WJtv6i6P4Y0giu4GWLh4kiJWpttI0tgkimknAlc6IqUM010WaUalXCKS_edi_5znTDTHVywaplY_2vMWJKyknJsOczTveStywm1wTDN2IOCsxcIzQuXOri2kj-0IEtdX0T0qpKw9GDcxbuPaJK2xQnIn-GDn8s3jsCW9xrXma89b7SghV6_SOHCUVcZ-FiOdJbHbuiH9ISX-qSEZn9onpdL1ws-o4sKtg7u-W4sjScYEOwshGvpPmlZkOvmC_C3_-C1f75t_lEzvGg0EdfHJ0xGq0zJIJCqtfPs7Q7vT4c2nScozPUBkJl9Kd_IpeI_EmRFOMABA4QoRI74fu6Bf5KInTArb-j6ghC0gk8-D_pxoq28mEFZUM52-b1dgpcfBGlN9V-fPmBSlC9lZ60L6FEa9S1A7PPfazMja6nLszsfHTxQ5py6wjqZM42-RKn8SkQotA8-CnJchfn3PCbK0vOJqV96OyUgCGVAXUz95j0EG1gJRBipDRiGWOqc7_TpETexOXB7WrcZ9dtRF2ztWtFku4sxpLdYHxkFB-8bI_ADOWh30anpOYVbuRrbp86bkuM9bcC9WOe4qE0e3dbX2FdPYBy_PVJyeFC4Qi37iv3vHrNAjTNU0iyYPqwaoE441NesDJZ1ZcfM3ND0kh0KlEg8R4wiF_Nszvc7AvdEMfmA0ibQ74bZ10az1gd3MJAm5A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE87 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOYqkEPFjY5WLHYrBx_APwuCMkA0AAAAAOAHgBAI&bg=!3N-l35vNAAZPh4lnb4c7ACkAdvg8WrngtVSLmxgn_HI0rRpdpUeIMAgXslMzjL0WsZAqjulYBCRdcQIAAAFMUgAAAANoAQcKAE8muHNcD55JfB7NiZxPv31iWh0KA5JPZ_DO1k0Z1B0fIVBcDqsvp68A62OPMDDHLLOEtl9_-9LOoVzX3CRc0kkNB23NNapGyHF0IbigfMwxmQMWbvFoXSsbg94DOQvI-Cv6G5JlUI6N4GNanbAwN1Ud33qnDj_g1FvcSx_XNJeH0snudhkO_6zuA21nO0T7rc15Ep1qowwI_cYnf0ylYq3xkghpby9ee_YRtipCYdaS-T5ZVjd7SHpfFUa9bA2X1CZXnUrfLbdYu-RaC0YFixWp5_wyntGjQrjGIYS_8xBSg0S5INq7CbSM-WRtT2XK06d3jWkCKFOFrjyhwjzgs1cQpwATQZ4wKuZfiSrntsMv37i7X6dM1R9zZfnZubr9ebpHs9Hd7E1Hy46LyQf1WPcHmk2pAgc6rBeDIKAI7zfhmbTivgfnSjG3lLXyfyZoKgnL1TuNMA7y1b0vtNazO4KQWXcnhGJnsfJamuMGy4B1X07JkRIdSC4vE70mPVg5OviBjLDtxtztzlqLAORZfyMDZywsH2C6YyDLqrPzjQJ_9wCe-GqauDzA8WWK1X0ICJL7-1aAi_F40m9Jp9qrvpQo5NiBTilTlI4HNH_MyZznqFUtlQCSt49Fh519IjlDfCLkTbGLgQBHdAX4EijzlRVBmCgCsKn84Tyfe2Lx_6gN6tP_df-cEi6tPABdV1WdCFFDpTqsqZHcM3i987bhGrK_2fQTR9J6BVJzuPMltnWmzj0NG5I9RIx8J78IFSXQxp0NbVqh79eAfVaw1EAG20RniwdrWh0osWp24fwWCUn-rmcnDpSha91w21s2w4dA48OT0HrIxDYIojhlgkVONOzCFryARNKnsctaqN19t6GtNeDK49s6yqlozeVC5IrZSSkFZFGm24R3_qoQNbEQR4Gwv7g3MJgPEwzMmVPVF9SNNIt0ZOPXQFH8r3CwDM4uHsaESNNYR-ER681DQa_fU6430tzg08pw9gubkfZZhyHneb0qIk1VE1t5f4e91Sdnb6YulPWvciw4qnJZPafnJzKBPN2zvfn8S7cRPtqvPciNM7miGHHJDZdxMakhJiUWb9Vc3rFnXp48-BsxNlN4Q0t-U2TH2KZU1WHfMCYMUxmzOAymtOM0sE11uF9-bfb-GEYiLCc3a9SX7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D3A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxoV4EPFjY8mgHc2RgQfekqzQCQAAAAA4AeAEAg&bg=!r6ylrOjNAAZPh4lnb4c7ACkAdvg8WrraHnZB-5NvOe59FtfTXXeu4mnYLXSY4RLWGasYbaKxcT0Z4gIAAAFCUgAAAAJoAQeZA0mizRcxW9D1tPY1iPUzhTRA3qycMQ1QA2KspO9fckVLFWyEwefjxwNOm6pNSU2gSEUefnF8c9qpH4R61gMq-jZ9uDMQ1eM-xvcFY0g1fC128aNoX-oDk975Wq65WJwYIeYgJLViiRG9L1X02IQs2pw94N9imCj3Oba4E8HYiep6x6uNThnOU0gGcuCHBp9ft_0YONRngVBZS-Od_SRuMmqXWoDMnmwOyIhXN-uq2348UGXwv3QH_E4s_4ER0Lz8preOZhuigCK-T0h9lL9W5FVDAlqufkxKaVe67Vq_-oceknqJ8SmY4ZS94ekfgaH8pGKdfLd3Q6bXbhYMdJSHq530m15sUV9iklPT6RUydXfaZihIJ3Nhk1A9KTv0dnGosHDyTG-6x9rveNIat4yZTJ-eV_r7BzeNQNhVcMhWwy2PqZgh6kB2LTyPXze4du-qYbeB64DLcPj8vGCrfLSwTH_nbjH_U3PX3Z_GKS7rB4YqTjKIWhcrfTQXYCwzbmWwxE2JvWJ3OLdEtQBnGtUl5Y56BOfQWhDHfjc4CiXpOsJPqVOJzm6iEZwpYjvWyBRPOAS95GCOempTeSoVKq-4nGUGAfaF7MpD_ULOoB25-SH7buC_b7CjdbRbyi5JociqABvFkAmMfLxeFg4ocBM_SzyQWQDG2uFJGDwLRNaBa_4E_iHPXCEcovCnxO6d_zgAGIuFDMJDlxJ984LzhP3fwPN-CsGpklfTFOy8N94NQhmY6OTDzY_iw6dK9teSy57qgS0qnlZW4cE3PuAbC_JMGsLa3ZiTNEOCdiNvgB-0w0dVCCrs3Yd2ZwbklC7WWB9s9vQgRK_x0PlPdM_tH34DgjOHvAWyJfQ2F3vTBYE650Bc5zMvrkrvXzxL1wmErGPetNpH6g1ZCzmNU-SjjlsGek2Uw8An52fP83-8ukF3CyGdEfKdpy9t_MfHH2XYnGeJt77VTjPQi7FHzJ5xTGmGAFsau8suC0XP4oy0HL4W7pFUfotGKLu0Um_PBIyT3htD1rBQceE-fdz9k8Bfkhz2nZGaZsTYfYm8EU2Hi__1VdJWTXz3YRsksg1O-2IXc-B0gFPDIABlmxtF2zSRIx08H9KCGoKhZ_bwIiqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 70A5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo77JEPFjY__BHZKfgAerh5HgCwAAAAA4AeAEAg&bg=!QkGlQQXNAAZPh4lnb4c7ACkAdvg8WgZm_16048vNhDRuu626sx5vEZaTjhdSelTEk1DNjEsgpFgg3AIAAAE7UgAAAAJoAQcKAD2tLIPnRKkgyRHR3zx40A9ugSQFQRN4qskn4_Ht2RHehmBfT45q6htj1ciDfut-2QuaGEW8FctRWAFy9meOmQL60DYYaIfB-E7hgGv19Y1JS2ojlrgn_2-DqmvpkR5Pai-eAQcOq_mqhfNjojFibkowMf3YKU2POZRn0WVLFkqtz2nMwvHUApXBAVWNQxkyEBypqh7yE4EXzqVMXJT6aVWkTOee_a8lYjiweRovN3pi6QkjruLXgY5mhe4XdBFsRWkeQTO40pQllxbxEb2u_7nDn-vOq9zePjmXm0nVuntLf3kVSMypJApRgQICcvUOJXxlg93YH-tFyWGmSSaUgIZeykF2Z31yxLv_Eci2rIcHM4i04iG2hF-ZrQqxKrXfXBHe9GMc5r4_AyDOLJsdkJHNZqnMcaPhz3RjvWNkPYKK6dnBOk7HKYP8qBu4VHAtUS7MDuIVpLCQx-YZYGuFvjtcQBNuBwrTcE-pjqRItWn7ffjj7FtjhUozMvK0BnjgZkl5ONhlmy4fRzwhzwncILHReAhssK0VxJZAXc8v3fUTIAkxWDna7nfbV1889QxA0kmiAWGsh014SNLY3dg_PRqI3THSega3sSiNF4iyAWub1vinV41c-uQd3G8pt-_VEE6Qssi4RZTTtTG3PfoGFPvb5Z3t6IXxo6ROGgB78m_DkBMr9lH76mFXHox_IQJLs9icvTq3EGEk1NscbWcd7ePPfF8VhFqJLZWcLPWUvoyW961NfOx6dB8TlKBk_I-NLI2_yEI19uugk1iVPuRX0YRhli3wviOPlPimRN8ukw5g-75uNkAuKrgQoHRo2W8Uk1Nv7yZUw2Jdj0nFUGjZ7ccbFSgK2KCgaRKElWIPofBFuohXGF-8v6B8FnF99dHbEH1JkeDad9SoOn0bfPm8qpYw64Yeo-WzvcS7IOowodtQS96K77gJ0RzaVPPVESrIuDx-JHvT8R_MJcun5zKkX4tOTc5FkELnYkx1tCSV3duv_0NxP2-eOFN6zVik_VkUrzQjQO4083Flrf2B433nSXz5a61HiksymmM1jHkYchTFQA_6VQ3Xg3ioHR_5LJnv-XhwlxfFO-_os5no
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 89A5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 11:38:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CE12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022103101&jk=3114586240850031&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E36 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BpzBeEPFjY9z7M5SP1wb7p4GQDAAAAAA4AeAEAg&bg=!MzClMHTNAAZPh4lnb4c7ACkAdvg8WtzNvTEfW9WuZahu3-NUVoftZuxipi7Cale6zEQZXXMtwe6jygIAAAECUgAAAAJoAQcKACH3yQt2y1tfBMjcGdrk8P2ik1uykO3SlIkHsPNrZLOS0TCZAv66i4NqUYIh8puCQ7Hz0EzoAjGKIHLvgusfcddileEEyvjI1PexlRb0zU_CTBuvGV9BJjqelk39y4TI5y7S9nP_HIoolzZdG_88r9yNgmqGvH1mFfqHIqw6zYDGAWhpi9wE8AbrdNpTsMnXhJtvOmWe4vvXHBlq2szGn7SaHXBI9DMxxl9CTpf32cmQ4C1b7qRSPiPO0aks1NxdrSD2Y4DlpSklWv2HwmgUCQpw9kg6D5z4C6xBAAlhsBsBtMgk4AVONYfVJiJC5i6cjOM_XQlH7xxKxZtDOnEYKfx3N5FrRZFV3TGPhOP0oc4P4XsLrAIy9n6j0pPho9R5COEmA3Gmi83d7ScNz-3frLLDeNVfbI9VY67j43WDEp7zipn7nsG6WvqVE39hubvOyuXB7N3q2yCfJc8YKHen2G9ng0HXgGZLsVKdekBzKot0DfnApCnymRTgJE68hvmVdMKe5a0qUpDCSG1YKruK7XXaDoxF2d5UfXi5aXBrkMoApdVv0IivwsAuiuR6jWibJNn_C5HzFXipAFKR66LOtNdQ68zup_Zy7ewyiRoBnc9lppBwBy1VMz3RjQwE2Wuu9AsbhXSqsdtju_Z0QiInLe9ogndeC0A5wGD2fUeeXkhbQUR81_VE0tzmf5qNmLlXYM29n1ZrmDtBesu9xBYTmwlx1H4nRvdy8LNE8QtiH0kbb_8Otxv-d09-7kYZjh-u6xk_03ZdBr5jWgLi75wGHKnPOO4P3KSo-Hxmyeu6X1eDAAHlOt4BBVnI_P8fOKJd-6XEBrTBpOr5q6E9IEkj9w5j9lJsxHNxj2SWVEmFzXAy--I96e7Nkcu5XjcPTJlD9irBcyC8sbXwve-o7IeMuDw_LSgVCBGsTNaSquzwr0iLwxlwOF8I2zbcNIFGYyEGGfGG7p8gQcV8KUntt0wr5tESlSQiaeTypg6WgtBh-EtIpmXuzYiPGKUXTSqZZUfrM1NE1rVR1AaUd4u0xCu-TU9AhMYGOkgSIN7PwjjfMq-l9dsL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 89A5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eZzwDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:49:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F026 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIWd_hZmPEugMRjUPTRnwBb_VLAw9g5UeLRe7rUtt-kRGXtZGkyWbdGQXa6LpppFW-Rd0leNEYQMXD3UTwdjVdKUABzTOj_TqDxpC_qMwkRLFdK2vjS5JnDH__Mhy3ZCAUc3RMkA&sai=AMfl-YT4I3H9CsvNsqagW1fQY1IOuJNegOh--RbmKivV0Sa5yyERkLAsQuw87_QdtQrXaGxQ-13m7j7VdfC5CO5fXu3lOpRC_0M6hyKmJs-zVP2EmM4y_xMEPIb8CA111er1KKUVXdaCMeR82CtLCjw&sig=Cg0ArKJSzIjtnL8P7BvpEAE&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&id=lidar2&mcvt=1000&p=527,191,1127,351&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2459160219&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494160258&rpt=591&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 276D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW6Xp3DV3bgdalGFW3WrjkNomi8qg2iyf1Th4W-2dSm1d7vp1ShZHlBxdr6illd1Q_5LAwqW_1XwEycsl5KP7qrJyKifmeBf2VMWgPcNj-nxrsSyYtB2IEvi7IR0ZidzCaRTZsYg&sai=AMfl-YRq4TKZ8FWlcVsm63wFdgZ_3PLid9y15I6YIJf5xZUpnkx9U_BSwu5UaoViFOzWJsa14mTiHGlWcO0Lc-D-_nAhPr1xy1Go0_Lw3obK-VyJ7jnwwsqBDS1qZEi-oNIFI8r7-U78BmbjdgtJSNY&sig=Cg0ArKJSzIWSFIVzzlhREAE&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&id=lidar2&mcvt=1000&p=837,1046,1087,1346&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3518012090&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494160413&rpt=449&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3958 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssedNTsDwOwJ2xAn3Hp4V4NVvRLln6gu2kSKlVx7kDbm2fD2asvzVmnNhXsxAH1CgdeHLN_4IwRcWmTCO6jDvaezyMD4GmSXL_FhsMJIxQ8AmWEh6TA_pFLcenYZXg8aBu3Ft_1yg&sai=AMfl-YR6RHTaKTYRBU8vqPpRFkltMKvHdn0PNcXI0rW_eY-qkCchCgT7fB7h6TG9wHRfmA7BRln47pqkVZJfMTK1kWVYq3bWWvzUUno1Wv72OMQelHUkBriygUR8WLFwNI9WRjIwcQXOMWBT5IcNYBI&sig=Cg0ArKJSzBIMuAjLfWlmEAE&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&id=lidar2&mcvt=1000&p=537,1046,787,1346&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1989851401&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494160431&rpt=531&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2AA5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfrjJLSUE64QVTVATc_YJJGlelxSA748jvH4ffWozjjNdecBYE4llEYmILvdb8G48ttzVX1ilinREsj0AeztdKfXrF_j14LQgbR_6g0UbCITwYbLc8GjCmfP0kdrUFU3x0kDgGXw&sai=AMfl-YQMen-IgKAcKib-k03ecMiFrKkgaYzZHu3U8zViUZWoOYkCL7wBdevmE8SAEdJYTztoYjjNFTFRsiQaLX2pznGpSLkGlASDLasJiJfGZQcOM0sHa5MXNbScI-TpORoyyxan1stlYtUJDBhBrDk&sig=Cg0ArKJSzLCWtyQ27fvxEAE&cid=CAQSSwDq26N9-oxoFKcP-qudkJoohMs1H6EWsfXe6okVWQFLJLQlLWmVqGxPzBGCVnFmN6ax2MH3kSqI4odZf2ZCXZeFkn4WYEZB8doNShgBIA4&id=lidar2&mcvt=1004&p=136,392,226,1120&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=54240663&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494160263&rpt=690&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 73E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudrqGsZoQYg8nKZ-PiAELDgHmc5WEm8pk3oWcR0SxDlBtsFvWLpR-l70uf_vHqYkowD9PWUFIqZxrqdC0aKOAu1IuL2cCchBNlHsJy2s4eP5AUTZ5fDJAkvd8lcmBpxHb0GbHMLg&sai=AMfl-YSf5khVuPeq9Wxl-ZMAO5nuQUqDN7K_9Ki2ST4w-WdVf_wyBZux9hme4RmFOLcEF9GT3js3eISbnc5x4kY&sig=Cg0ArKJSzKXwIzLx1G_SEAE&cid=CAQSGwDq26N9eHMnJkRCzB0nRwfgo-HVI7kLZymjDRgBIA4&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=399,1000,1000,1000,1000&tos=399,601,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494160329&rpt=700&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022103101&jk=3114586240850031&bg=!JiWlJWHNAAZPh4lnb4c7ACkAdvg8WgqwIPBPt4snRAeQAgxrD1lQ2oawgPAybQEmEWBwb3xWy70vFAIAAAB8UgAAAANoAQcKAFX1j3v60G7XnlYlcbBnfhaEjywMiXTF3cs14rZy9MTDQO5BhLrr9Oul6fm_ZsK2cpyLUnogXWwtAdZ9rJ7NZps4blPOQhxYdMTZdpXyXjWWEIDG1lywmQLFmC5fTKANjWo2y1Hn1Tts1RBqprjIzrqQw8kpEZzladEtVTtwUlzFRgPZPvFU0Ds20rE-YESFDQMqNBdRZXRAKvfbdxPtvkQ0hq1BJwP5NAGRnh9zctYsER6B3bgc2uiiOGQtjGqaMw-Y5Ml-6BXgVSnbcaV-eRHeB7zr0Bc7yETpckAaD1TL_KbXb6lituf2OT3fbT_XLRgG5u-3jy1C-IGtSnmt5APmiu5HPhGVYRGl1UZPW6K5sin3oLAdzsk28QL2VWjhoYqz95KEexHVlPAiyGDuzb3VrVmATROxzgJMFsml-e87MQs6FBZGfu8eO5PZ01Ed0E-SF13NVRq6wlZ17IpGYdA7NJHmb2YGouSWkbXxP_UTBGyKUqSf8xAIdEwkbhmnWjEyPVgiWW4s8jmqbefRSabIGzGbMtqhdYPV4OlBcI2qxaXjQdHmZPOrb4Vatha_raN0Vi2lIzm76bszIzGRk7KMwJADU8dL65eWQ907CFluqPA2sDz47gT618aEJgzvKBfCYTV7Or7LKdGMIpxohRJMMFNDAfFSS0KFpGonVqJHOEKH7r8XPVZQmvCXck-G0RHlIbCjx5WGgwA7zq905qiKVbMSkAo0Npg_kUfATUaxlDBsmgCJd_bjXTuiSt3l6X1WYQK4qkU1xotF5hf2htm9em-TYSRPQyIOZ-D4rc9QUilFBtIm3O6ebL2DfHFfC02nNpGVUwPY5ZTdyb9KDamuPJxqCGk21m8pnarWbvqAYGYkwYAgbzFyjlFAZIyiH_S4QJEMjNySWR8IqiWLKOLFD8bCoOzjDE4MDgkzWhV4I8_16toRFkAUbz9XPLwNCWvwWiJWtvsciJlpbhbGSMGxu2X6tKRa8op_HeCCn8K5x3Dvl09sLHoaF_VLpViveWWUwMX2YJIYSTnAMhRTNnGi5aEx4dNk40bSnMUh0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://microsoft-office-business.updatestar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 3CEB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~la1aywz0&c=6320438675451&slotId=3160219337725.5&qqid=CMLd5ee7kvsCFYGddwodC4EO1A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=960&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400b:80c::2003 Naperville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 16:49:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| q function| $ object| googletag object| adsbygoogle function| gtag object| dataLayer object| rc undefined| fc function| installSearchEngine function| jQuery string| searchApiUrl object| ggeac object| google_tag_data object| google_js_reporting_queue function| format function| renderStars object| engine function| SearchIndex function| Bloodhound number| previousWidth number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| leaderboardMapping object| largeRectangleMapping object| mediumRectangleMapping object| skyscraperMapping object| skyscraper3Mapping object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| google_llp object| GoogleGcLKhOms

15 Cookies

Domain/Path Name / Value
.updatestar.com/ Name: _ga_QYZVPCNV1D
Value: GS1.1.1667494158.1.0.1667494158.0.0.0
.updatestar.com/ Name: _ga
Value: GA1.1.47254813.1667494158
.doubleclick.net/ Name: IDE
Value: AHWqTUl48c47aXrFtbFR7vCXosnHQopzrvzLAdEPgA23tMz1iQT2ypugSNOM8uRUC9w
.updatestar.com/ Name: __gads
Value: ID=0c1d2eed77c5a721:T=1667494158:S=ALNI_MZuKL9qGN2HjTIN-d0OK1tt6vwufA
.updatestar.com/ Name: __gpi
Value: UID=00000b7c63033b1d:T=1667494158:RT=1667494158:S=ALNI_MYdS_smcCMkRVAJZ4HANMFoqDGQfQ
.casalemedia.com/ Name: CMID
Value: Y2PxEPaFEwvTS1TvBjjL0gAA
.casalemedia.com/ Name: CMPS
Value: 1218
.casalemedia.com/ Name: CMPRO
Value: 1218
.adnxs.com/ Name: uuid2
Value: 151036730995210786
.spotxchange.com/ Name: audience
Value: 769b7783-5b97-11ed-8747-17f3d7a10106
.yahoo.com/ Name: A3
Value: d=AQABBBDxY2MCEOO44_XGZMVWQpmKdNlxPhsFEgEBAQFCZWNtYwAAAAAA_eMAAA&S=AQAAAoVTXRDJCMRzpD42M5pllVQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVGfWbr?!]tbPl1M>e)ZlrFUfJ+tGXxoT<>N#VVs)=<Hfa2AAkDG_N!s(EX^U7RwRp3(*bpRz*qF1`*b^im)v/.(
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yl~2834
.casalemedia.com/ Name: CMTS
Value: 5138
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4118765744455397&output=html&h=280&slotname=7484580198&adk=3746994897&adf=4043999025&pi=t.ma~as.7484580198&w=587&fwrn=4&fwrnh=100&lmt=1667490505&rafmt=1&format=587x280&url=https%3A%2F%2Fmicrosoft-office-business.updatestar.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494158060&bpp=4&bdt=672&idt=374&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7287618061292&frm=20&pv=1&ga_vid=47254813.1667494158&ga_sid=1667494158&ga_hid=2143820765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C42531706%2C31070616%2C31070664%2C44775017&oid=2&pvsid=3114586240850031&tmod=397930493&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=toGFNNg0WI&p=https%3A//microsoft-office-business.updatestar.com&dtd=381
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
bid.g.doubleclick.net
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
eceea4d45b477454832b2e7bde079100.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
microsoft-office-business.updatestar.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
r5---sn-25glene6.c.2mdn.net
r5---sn-4g5edn6k.c.2mdn.net
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
w2.updatestar.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.updatestar.com
104.18.19.126
172.217.16.194
178.250.0.160
18.156.0.31
185.86.139.57
185.89.211.116
185.94.180.126
2001:4860:4802:34::36
216.58.212.162
23.11.239.181
2606:4700::6811:180e
2607:f8b0:400b:80c::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:d::a
2a00:1450:4007:2d::a
2a01:488:67:1000:523:fd96:0:1
2a02:2638:1::17
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a02:2638::c
35.244.159.8
5.35.253.150
74.125.71.154
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1049975c8d07e18949efe11b0b6dfd523ce25116d4abfe5be27439f258665d2f
118f645cb55a728dcf16084643e5612881b10e9791baa656344baf2b0c6b4a79
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c22b759f0237ac8507dd5377ed3a965a858bb76a115263a303fefdec060b17
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e6a52bdf256f3123a908162e7e216c5f0880d75683f9134532849fbb0e57253
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f7a426a3a38ae195e1d0bd7504788282ea2cc4524f45490f88a76ac7048bf96
20eead7e17d56b571a5ee1cf2d1c7f6ca79bc672fcd01b6e2273a3ec8973033b
21388759ea0ee9cbe63da8a7d89ced01ebb2977c2ec178cc1f2936d3c4e46985
269f2ddaa86e3a5b1fa214679d09569f1de6234f7ccd4c801fb699d06861bd1b
27ff61d4242c41fe3b2b496dee334aa9f7ef3d669e0847b78c49a8ab492c938c
2989c581cd38dc0ddaf63d7d3e391d43bc1df5d9f7122cde73597ef1f3b05f7e
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
3728c4200575ae429059881bd337d80412973989b3d9dcac88323dd8696bebe6
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38fd859bcbbd6cfac90958b3ec0ffe155f5eee9dd8a2f58f934d3cb41d97b924
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3a938387de5798d40c10411a056ab3a7d3a03986505081a3174e43e391bd7eda
3aa6ded63388165ecc595833f92cb3b5763405b7b8d384cacf20ab375daf1752
3e432012326bc493c021e47a0e9eed90eea49b1b935190effe5c8b82b3934717
3f388f193f2e7d528ea130c38e8425e561be88f16fcac481dabcd9738a7cc571
434b7e0b584be009c25195884993832ed966bed05cae50f0eb0208b0776b2051
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
499bb7eeb6b3a01d37071e443f1414aaf5a5d35c145a2dab90f45781778ab6ce
4b035ca8208aad679ae8c9985f6611bebbce7f7f95b243c141e94f6f58b072a5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de6460a419b14ffc39848c6e2679107855ae005eda7e4ed2b9793c4174e7b8f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5213f747687a346a4999a1f0a0004a30e7aa0317d3e3998e2b567ed1d905b044
5262e59e345004d6b323e0527c41b00ecd2b678b254747010fc9cf81910f3ead
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ebd2e1b961bbef77f1bf08b08af4dad8e349dfdf2bfcf7272d314c49cf23276
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620751d88f63f8cf16cf8672ab8c888c890592dd00365251c97924f1e88ffe0e
62e3c38ed32cd8da8a476b0f246d37dfcdd6cc1ee4abc5fa4c4432cab631ef2e
6848765e662841c465d9d9b69c5051d383efe168230eb260fa52518f714b745f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
6e16cbeacdbd2d1154e8249a41bc885b3778aece5429cf3f619a9d3b71175a35
6eca3a6f04f80dd3903887baf08e3e2bde5d3bef08a3ea803838de3c6f8e26c7
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7298f3997759c168d5d1240f015797e41aa06a61432300f0b42a51f64755ce56
79008983dd2a495d1303af71468ac9d1201ee03b3a3cfb5f9e350509059622a0
817a378df56f074b9785dcce3f8af5bcdb7accc6e587094cfbed07409ad4a854
842fc321bc4cc37a8919759306f1a77b8bc6faae049dc9cf3298e84df2e66de3
86dcceec31f1bcbb21af6ff917e9dbd1d377dd881053f0b0b9cc5b7f5652e0c2
88c4e0a58229c56adbd606848940a072becd8c975428840f50e3c6a662ddf080
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90a9324853167b6a88a2007f41a77daa81d8cc979ccf40e36bb9b5c363648809
90e41462054c1be060e84993528dcd439b424dfd0b3ab6663f37f680cff898e5
947fbcfc93e3daf7cc980dbaf7a27eb33a3b3c18f0bc113370aadc02ed32031a
97e6fbc2a0d1d4af14842e2bff4fa67c9a64f9ba643ba2e65b9477715d3ce954
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9f299e07e89696907f6e616bc2744e84daed15930d19f5bd281beecb4527c91d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0870afe7927eb83f3cf2479613d4e571e584e2e154220da4c5a324fedb5b2d9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8ff92f96c6cecb20ff4a2de5860d5d937dd12e05caa772614dcd1455b6ba165
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
adce77ec710f232a8fa60a03ef8326fc860af3b5f4691ba6436083bd0a478d9b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9871a9b138517d6cd4d90f3c124f62a93425616ef0ca93cd11868dcdba249e2
bdcc0895910efb7613d6b32a61ddd3a0ea248d74c871b9e12e6cfd674130902d
c105fbbcff50f532580c7e4802dadcd6f1c6cc3ee3e34b848fcf86ebd03e3277
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5b2fd39bdb783e805302f639a8e0ec6c5e0ba2d87c7b6c9cbf79625390556e4
cd7e155cc1a97d339ee280ca2b48faf49066403eb3a83956acdd797a1783032f
cdd7fd40753c8befc8265d564da042a8615b9c9d68974d7faeb5361202481438
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d24b65bbe60e751d56cd5561d56bda0baf0a84b47957ba1237271532878d9188
d55e960f5223ead7f384cf48f0593e2ce995e619fda80fb2e2e87a88f74d16fa
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd4da38f2df67c01c56838481ccaebc0e1a2436c8d008eb95f7783584f0ddaa9
de63a2d85245b9516200c6006fa2590d85504b53dbfaa856c0f09e005d81b093
de6e5a5ffa0f7ea0c95cc7035fd642f2254368b814aed377ae3dd99d5eaa46d2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2f6796da5d4ebe95437088d0dd52824d9dacd9330bb46e171219d2658b184d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ea8828e12c2ab94be69e35c50ae78f4d58a9b5e7b87eb477a4fc17daa6714fa8
eb99787a26cec944a941c710b26e2f38a93fdd1f315be3981b1d4358b788aa56
ed333f250f45be34a8b4006679e9316e4443ff29d87abb8e73528b9e3d2f84de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f353561ee2a5c0bb0dcc7f70201c5e92d22749122f1880df3b44dbd00e7ed
f1afbf02ff203dd3afa888e73449b44a0ce303f21ece8ee6e8277ec354cc1d63
f24bc52297f0b66cf12c25136e775b2a15d7494ce6853074f93adf5d6bdd78a6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67d561d5b6be5ff2e22d7bb5274491524614f655eef3d4635627b1a79c2d47a
f76e3b03ff630176e4c3d53a7c1523e5bfbb774e95bd7c33356d8b8e52b95161
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e