top4top.io Open in urlscan Pro
188.165.137.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://top4top.io//
Effective URL:
https://top4top.io/
Submission Tags: demotag1 demotag2 Search All
Submission: On December 21 via api (December 21st 2022, 1:42:57 pm UTC) from RU — Scanned from FR

Summary HTTP 124 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 14 domains to perform 124 HTTP transactions. The main IP is 188.165.137.170, located in France and belongs to OVH, FR. The main domain is top4top.io. The Cisco Umbrella rank of the primary domain is 293623.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.

This is the only time top4top.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.165.137.138 188.165.137.138	16276 (OVH) (OVH)
1 3	188.165.137.170 188.165.137.170	16276 (OVH) (OVH)
16	2606:4700:303... 2606:4700:3033::6815:589	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	51.158.152.62 51.158.152.62	12876 (Online SAS) (Online SAS)
1	51.159.67.135 51.159.67.135	12876 (Online SAS) (Online SAS)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 15	51.68.38.13 51.68.38.13	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
4	51.68.38.14 51.68.38.14	16276 (OVH) (OVH)
124	24

1 188.165.137.138 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip138.ip-188-165-137.eu

top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.165.137.170 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip170.ip-188-165-137.eu

top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::6815:589 (United States)

ASN13335 (CLOUDFLARENET, US)

s.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.152.62 (Amsterdam, Netherlands) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-158-152-62.rev.poneytelecom.eu

b.top4top.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.67.135 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: par-223012.flapyhosting.com

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 51.68.38.13 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: f24.adventori.com

eu.adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.208.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.68.38.14 (France)

ASN16276 (OVH, FR)
PTR: f25.adventori.com

adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	590 KB
23	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 ad.doubleclick.net — Cisco Umbrella Rank: 161	161 KB
21	top4top.io 2 redirects top4top.io — Cisco Umbrella Rank: 293623 s.top4top.io h.top4top.io	389 KB
19	adventori.com 1 redirects eu.adventori.com — Cisco Umbrella Rank: 14325 adventori.com — Cisco Umbrella Rank: 3815	207 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 mts0.google.com — Cisco Umbrella Rank: 3483 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	234 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	3 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	71 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 37	36 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 26321	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	694 B
1	top4top.vip 1 redirects b.top4top.vip	108 B
124	14

	Domain	Requested by
26	tpc.googlesyndication.com	googleads.g.doubleclick.net top4top.io tpc.googlesyndication.com pagead2.googlesyndication.com
18	pagead2.googlesyndication.com	top4top.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net top4top.io
16	s.top4top.io	top4top.io s.top4top.io
15	eu.adventori.com	1 redirects googleads.g.doubleclick.net eu.adventori.com
5	www.googletagservices.com	googleads.g.doubleclick.net top4top.io
4	adventori.com	eu.adventori.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	top4top.io	2 redirects top4top.io
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	www.google-analytics.com	top4top.io www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	h.top4top.io	top4top.io
1	b.top4top.vip	1 redirects
1	ajax.googleapis.com	top4top.io
124	24

This site contains links to these domains. Also see Links.

Domain
download.top4top.io
twitter.com
t.me
cutt.us.com
0i.is
cutt.us

Subject Issuer	Validity	Valid
top4top.io R3	`2022-12-01` - `2023-03-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.adventori.com R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://top4top.io/
Frame ID: 376652B8C2C7D83671FE8EF764189040
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 6A73600BD2018F9342B0EBE80E66EB6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&adk=1812271804&adf=3025194257&lmt=1671630170&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Ftop4top.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170567&bpp=4&bdt=470&idt=244&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3220963080457&frm=20&pv=2&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273
Frame ID: CDA753DD362FB4F7ABA49F21D84BA1CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170571&bpp=2&bdt=474&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7UCyHXATuZ&p=https%3A//top4top.io&dtd=280
Frame ID: 4FB4516106F4E3C4A95EF457ED4D1780
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170573&bpp=1&bdt=476&idt=286&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=t77OZcABHA&p=https%3A//top4top.io&dtd=289
Frame ID: C596393B51E4989D4D7CBAA69439A272
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 062007A2F96E9DE2451BADF6EB3F9CCD
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: F3F23A9A9C79A61B617A0DD7D4100DA6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: F66788EBF627AE65E88823BFC4AB5FCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 599F02DEE4BA205DB0D8E2A079E4925B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJysIRDguiMYxoP2vgEwAQ&v=APEucNXlF2IaQIVa-r1O8Q8b0eTGeDZnIjjmmlhtaNtdDWY2RHCJmYj_Zgb0aExDltKn2aGlMiJKGhdg4dAx4AD2dysgjPa5GwFwxXBVgoBQG2dpXnYJ-t_cWI6vHGPOLHU2uEF8Snz93PrwiIMVLXhYYdLjIFwk7Y9mTDHRoSQ64LkqWqzn9fw
Frame ID: C25493DE9057C3D98B7F2C8DF37E70AD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CciaBRu7aue_nQgXb9eFAtCb1qbLQG-L97ZkUi0xG3jukshyD7Uw85yQzARzsFmMmUUaDUlPlubYjyhXYh430qSJlU_8rZP34UqXiU7NmYtnSK5qXMxLWcKVNr8HlRInOO4tgcelijJ6M1XYWNyrHWVGO7cpx1ClN9yI9TPg9hO9dyP_Y&cry=1&dbm_d=AKAmf-BiEBTZRKdXTTGRGQl-aJn9T8YEnAnxvM8C49JYSRM_Tk-r20MYf1fFMZ_V-9z9SDs3mfzliJkOJeLvsPOFwEs4xIM_TtcAsoQV7uqe6fsHRW7YxVWoYlsvQ9BMh47E3CEi08v19wfxoD6yG3yo-xFLDdNapRXXJ7_fzhxvCzrVa59_oZZLXw0hhI4n3CCFmBeiRWhSPPQxhiWKvJIyP6UAs8ZC-RIDB49Jv996ye5Bb0x-jqaAwnBjw57_XIBEfhFTASEMNnNaIqGZMTHLxQhdK435TDk0bYCt2hi-e-QsbRzZDImgEZox-2PA8n8Ii4eA62iHPhlVMC9ddxHLgMEG7cEwYxncj6kMxU-8NTKkM0rTfuPs5lnBMXqyASh60FoB2yj8k4H2xo13DrkDnQcOrDttETiEv6Szd_4f0p40ufjfMr5bDdNLvguA5OfXhUs5heqLLQyC0xKsid-bdAEookpAQ_2MnIBQosV8KzJcEvGjX3vEmw8pTtx1OO3u-YH16Gn1KWyPjNv5ZMeWX-DELlZ4N79QCcq1Cjx8FAYCTZlYGF4yepn7u7NN0UG1iQSld-uMZOGNGE34aY1KQagaTa2mzGmmfjaWYz7o-qtHqjolH17yI2UEoEkiLkU0YHOpeGvV-7bbhtOigBrG-Vl8M3l05boFqZKm3zwYhWrukQdbdLKU0SzmhG_GW40W39cce2idZXakXQHu1FBPnOBpZSVQGgl1SjjNNCR9fIgbTlnfvX1bHeq4JeRi5XwrQwJSmDygQPMWderyMyN2Ow071lkHMBqq0Nd85kaB1tDkAL7idfpEhPd7mvSrsI-g9vzkP5T6vvLHGHHWk4S7cv88TVuz6nCXwluagK7MNdMcfWP-jPaFYJCX36bPbfwmudx1acywiQgsGBtqbYVtP6U5w5ScNfEQd4EIOTj_v9A3M1gpkza-kRp2wreat1KkIZxEZyJ2vYYX-sq3uyVBMqbl5Q0DeQsVmEVGzCe-fW-nwHmUHTwPbVXdX-511sc-MwDQNu8Agsgu0_NXYHGR51p4cAkDunaX3By_sQ-517kGjEy0I3p49JN61ABTxg7qJRsWoU9DbhgRhkSle1WO7FvC_udKopo8AtQ-6QJwbp14v72C6qNy9bIm8pvfy74Aiflu2jumVgkzj3DGXkrieUsbBrFLWpo-57tC-pJXBoBnu5qikx2WaOO8Xl8vvFNGuhHxhX_ozrhzYrDPfqLZSasFjt7C0AxPoReDzYSnfUS2JRHcXWIb5rQhn1ZbVGTKJ1SWvlZGLFTJG5f465bETIz9M0nYApJf0gjZOq5GKwn6pbNqaJS-06wWMbabUo9R3nReWj5lXwl5zWoQqkjE4GeJ-TAcreHKQbDFi5G2ukh4orJHMId9151VafQrbk5R1xOW694AAw8OO9w-jnSI40xGR8gVIHDtglQdRCvD--0Ah4YW2_tn2HM6mlgg2zfm2uaFKOREm7S7BQT1Sz-rkwynrvZIyIbrG1gbfLkDQ88irwX0Sr1M5ILj2mQcry-uKp8Qny7Pwc_mOx2PJsWuvxut80ZHRgoeudCG-SXBtXizNKsIY15K2CcSX2VovbCVQHnkgud2x__djlBYJnhA6cMi7x0Z3HlOzDgzNvnzu-UZAAImlhqHunjTwsQlj95JfIi5UjBhFloMFtBFXnSBFQGETCOLLk0CwULmOyXFAY_TClEdL5oTcKai7JgmA-W2Hh18FJ4YUcfzChSHA0X0Bo6BvuUO78o6sPEzh0maisWf67B0lhVUhHA53gT_FZQN3SXPNm27HraYSEvQoDMRcOYCA-4Vf2MbAwX-pPEVZ265s4PqQtAfXc6Oll8Q3vabVJUywcTDu_y--4ZxQc2KC_-u1-MQ68Pwkzz1myT8EWFRpHHKqWCxRNqn1WEG9vqu21oRoVfoenX8F3O2Czyl1lQOoiipdzJnf1XXJ44Qs2pcJZNfHsWYsvt6gwBG467sbAzKpFx6yrI8lqBj1xKNZRoc_czIOaeH7GzZqwI508g_DwxIQAaafWl2-9HGqev_n-zxlSvdQ3OaqwBxyj5YVDSnjpmbvoY4tMMaK8zPVzk6e4H6WdVgFwYkfXheRHHf8Vu2KjItIcAliYLf1WVpYvcDVoQC6PN33awKxlALns6JXMC3TqvUInNvYwUfc238unvi8divIDOnq5Ueq9n-3_r8s9E3JgMTZelmlvladVaymLN7FVX7SduxcZZtVR5Q6VUAfdpKdvfKwuvNW6r4oHNhHVnWWuPO0jNh4Dto1mu1hI5o2tim9W-p9SPkQL4fkiHfGcHHp1DTLkFgfARtvzOZBCfgby7-Ht-4PDCCPGj-WLGH2js0UHlK7OFm3y5r9-V427UeGKsFgTPycTwWpPUMVJWsDPJ1rcTUOu_DkGfojT1ZYwnINUSGEK4fHx4WbyCZ6ENSDOZ29TTdSaZ7NAvgc0dLjjY_WXIP_dVxfaqAcPr657IFls0diIlHtYV3PHW1EfG1mcWH2SkSCGMq6AdvQPeYXI_CM_NWhOLlHpUFs7PH_RMMkS_oAKICJ108UmByvaAQdRBYMs0fKJbHYLxuBzgwk0f81oaBcav1Y7C5wjuAPYspu2BjKEm7UKy5fKNWSKfBx7WPWke4CvJHSq58mGWD3OvR2t2FqOvk7MG5HX4G8p8LNEaChlNonmn6hjj-0Z4r-_NjBf3PFuN6Uspf8gtYJsg84CGmN3US9Yj-iO2byZcYAthoLzwNhIohlDAdhA6dBlPSzpGB5PYxZs_iexheyPrDaPevah4TrbNjogdBr32fE4ux1PVvGXUQGoqgdIj0UkR15Bg6zNxjYIBjmA2LJbZJDs9uyMGmTSEz9Hcdy-AG42ELWXK6UKLR593rx1GjhonP1D9qP9hMQtAXaS8loAd8En2CFqgGtns8hOdq-Avfya-frEBPN9J1jfyLHdvkxUwpGIKDwE9TGt3TKpFGiPnwvpZ-yDEOKoOjZQrC62wRaAZYqpRC1bl80_h0IAEoPQ8jkoBMNgQuQuoJzYjYEj5Zj8ZGzHSt0RGGgnxlMg5bv4WRw_GyJZ3esaXu15lXPvG5IZDdRL2BHDAuVO4GQOsUeJ-Y8eVN27GIO_kKI10&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&rfl=2%2Chttps%253A%252F%252Ftop4top.io%252F%240
Frame ID: 1FB7F5765265811C22E3EAE3BDCEBAEF
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: E8AB50FF6C1D54F3F061448C6E76BD07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 269F999EC352BC878C7138A7A906BCDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 14ABB57BE7F46A848E86554BC820F2BC
Requests: 1 HTTP requests in this frame

Frame: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
Frame ID: 031F6D7A44491859533FB58BCAB40D76
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6B3B875B62B37E1BCDCE68A0C3D6FE3E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 73F94D987BA75DE7C52B87E00FD98959
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 14BF09EA7455F1C00B948C5E2F8255AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83356B183A8328365821522569638FE4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top4toP | مركز تحميل و رفع الصور و الملفات من الخليج إلى المغرب

Page URL History Show full URLs

http://top4top.io// HTTP 301
https://top4top.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

94 %
HTTPS

60 %
IPv6

14
Domains

24
Subdomains

24
IPs

6
Countries

1708 kB
Transfer

4386 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://download.top4top.io/upload-tool/
Title: حمله الآن

Search URL Search Domain Scan URL

URL: https://twitter.com/top4top_net
Title: تابعونا على تويتر

Search URL Search Domain Scan URL

URL: https://t.me/zSupport
Title: للتواصل الطارئ والسريع

Search URL Search Domain Scan URL

URL: https://twitter.com/top4top.io

Search URL Search Domain Scan URL

URL: https://cutt.us.com/
Title: الربح من اختصار الروابط

Search URL Search Domain Scan URL

URL: https://0i.is/
Title: اختصار الروابط

Search URL Search Domain Scan URL

URL: https://cutt.us/
Title: اختصار الروابط

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://top4top.io// HTTP 301
https://top4top.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://top4top.io/adimg-61?1671630170 HTTP 302
https://b.top4top.vip/p_427vfh7e1.png HTTP 302
https://h.top4top.io/p_427vfh7e1.png

Request Chain 69

https://eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&URL=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClJExWg2jY92QOYqa78EPoberkArK9NmDbrGD9q6CEbfaor3AARABII6Mgnlg-wGgAayhl8YDyAEJqQJnVYqH7daxPqgDAaoE3AFP0D4HqXI0HawheDQvnd2mRAx_NH7f_Rx0kET6JvIRS0qU9FNzq9w2AoPliQXNn8ro7N4Rjj5jdyF-1WMDiiXrCzkC5OnIr54syuLfU1OKTNHw9wbLPF7F1BtBrkUkLle7MfCOCUChDJIx5GZsWmBS6x9uKWBshBiJ60F3Al2l7yCDy4SnZkIIVS4BmKt0H3TZIc78aaB84D7veXm8LFJgEan4mVCnQrcy-UWau0l_iXHzvgEIUeAlSVuug8cOVjifR_gD0jEveYGR6P9A0d_zDJQZxCDSXz0cQesOwASW9I7xnQTgBAOQBgGgBk2AB7ze6DmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE96L0xHQEwDYEwrYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&sig=AOD64_3rhcNaTWESucDC-4SA45wUH_Vn4g&client=ca-pub-7974902520762023&dbm_c=AKAmf-AoyzAbbl8af0NDX5V7YW2uyVO45qMeO10YwMBXfwqAIxCMFOPcj0HdLWBf3Yo9k6gwK926-eOxovFmQMp9PxeOBjvmsioBZZBROYTUx1ugDRuV2p9WidRtBoxORz_3ck3FUlSTsJtpIZrYI-1ukQxqgBckbh9zF8X6J5bkEMgFdiZf7h4&cry=1&dbm_d=AKAmf-Bm7YKnloN5H2moXR8YQvabQ49PlYLo_3hFeVeBv3JYlzPgp4qQAmWyT_s7zzK0qhiUjlpCczocIAPObKVYT7CxKc6R6wixlZd9OgDZF53bUsdwSqb3gjv00Ol2TE8IRL86btA_Hg0R9zZQn_JBSqsoVMcrBuYr0BBBMRgYdDgDGyyybCmBi_r10zG0sdR90FMJWgmD9i0I10yipXyHx4tAC8SjDAAmpo3Ad007x8Ovlo1pWkr3m-0LFhsNzfKstShbB8TPuBdPd45UWngj98Xw8lCD5Zb7I2PQ_LhLTKpM-e2reUNiVIOV3rlYS3X6FIiCz4VByEdfhtjxN94-kydm3CYCwX8sX8GiGppGV5k6inx460YeBiZkLTIXclL8JsXmbc9ebJQYeB3YD3iSuN8khB4VsIoOQYkjdm_uyt8iyF3QGtw_EZBHRgCMu6AOnBI3Ut66jRGwghjTxiLfjNY9J6N3d2YdDReS9pWGWOoUAvuSHd9MTPngMcH3FjogR4ag2M5sjX7VF0XQrl0xGFGdxWrY2A&adurl= HTTP 302
https://eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&tk_region=eu&tk_r=true&URL=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClJExWg2jY92QOYqa78EPoberkArK9NmDbrGD9q6CEbfaor3AARABII6Mgnlg-wGgAayhl8YDyAEJqQJnVYqH7daxPqgDAaoE3AFP0D4HqXI0HawheDQvnd2mRAx_NH7f_Rx0kET6JvIRS0qU9FNzq9w2AoPliQXNn8ro7N4Rjj5jdyF-1WMDiiXrCzkC5OnIr54syuLfU1OKTNHw9wbLPF7F1BtBrkUkLle7MfCOCUChDJIx5GZsWmBS6x9uKWBshBiJ60F3Al2l7yCDy4SnZkIIVS4BmKt0H3TZIc78aaB84D7veXm8LFJgEan4mVCnQrcy-UWau0l_iXHzvgEIUeAlSVuug8cOVjifR_gD0jEveYGR6P9A0d_zDJQZxCDSXz0cQesOwASW9I7xnQTgBAOQBgGgBk2AB7ze6DmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE96L0xHQEwDYEwrYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&sig=AOD64_3rhcNaTWESucDC-4SA45wUH_Vn4g&client=ca-pub-7974902520762023&dbm_c=AKAmf-AoyzAbbl8af0NDX5V7YW2uyVO45qMeO10YwMBXfwqAIxCMFOPcj0HdLWBf3Yo9k6gwK926-eOxovFmQMp9PxeOBjvmsioBZZBROYTUx1ugDRuV2p9WidRtBoxORz_3ck3FUlSTsJtpIZrYI-1ukQxqgBckbh9zF8X6J5bkEMgFdiZf7h4&cry=1&dbm_d=AKAmf-Bm7YKnloN5H2moXR8YQvabQ49PlYLo_3hFeVeBv3JYlzPgp4qQAmWyT_s7zzK0qhiUjlpCczocIAPObKVYT7CxKc6R6wixlZd9OgDZF53bUsdwSqb3gjv00Ol2TE8IRL86btA_Hg0R9zZQn_JBSqsoVMcrBuYr0BBBMRgYdDgDGyyybCmBi_r10zG0sdR90FMJWgmD9i0I10yipXyHx4tAC8SjDAAmpo3Ad007x8Ovlo1pWkr3m-0LFhsNzfKstShbB8TPuBdPd45UWngj98Xw8lCD5Zb7I2PQ_LhLTKpM-e2reUNiVIOV3rlYS3X6FIiCz4VByEdfhtjxN94-kydm3CYCwX8sX8GiGppGV5k6inx460YeBiZkLTIXclL8JsXmbc9ebJQYeB3YD3iSuN8khB4VsIoOQYkjdm_uyt8iyF3QGtw_EZBHRgCMu6AOnBI3Ut66jRGwghjTxiLfjNY9J6N3d2YdDReS9pWGWOoUAvuSHd9MTPngMcH3FjogR4ag2M5sjX7VF0XQrl0xGFGdxWrY2A&adurl=

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6MNW-EIq8uzdZlPE-ymHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDU_queQUj29uvQ2oD1vP4s&google_cver=1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMTY4MTMwNTUwNTUxNzMy

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/B26944573.323238193;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/B26944573.323238193;dc_pre=CI_s79TrivwCFQVZ4AodbX0Blg;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

124 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
top4top.io/
Redirect Chain

http://top4top.io//
https://top4top.io/

22 KB
22 KB

146ms
98ms

Document
text/html

188.165.137.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ip170.ip-188-165-137.eu
Software: HotCores /
Resource Hash: f6f5a7624cad7f85235e89313ff3c3eefafd26507e55e20c8535bbf1359b24fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private, no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Dec 2022 13:42:50 GMT
Expires: 0
I-AM: US01
Pragma: no-cache
Server: HotCores
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 21 Dec 2022 13:42:49 GMT
Location: https://top4top.io
Server: nginx

GET
H2 200 reset.css
s.top4top.io/styles/default-new-reg/css/ 675 B
679 B 99ms
49ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3259106934713084ea8e90baedf51a931703f888958e019e6ab3b3eb6467d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
cf-polished: origSize=1013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-3f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1ZFD4Qfyg%2B%2FyE01kVqFtAE2QDogHPo6OZbA1KlzwVEFr721uiYIa38GMAEEtkp2s72iTOuOKNmldqBKLLFA7n2czwGYPkVvkO2WgwWWqwqkI8CKDzrkWvZbEnyOxv2c79aPkB7uVaAEldg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bb3d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 stylesheet-3.3.css
s.top4top.io/styles/default-new-reg/css/ 18 KB
5 KB 100ms
50ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28649315acaf52dcb3e1e8a0c316dbdee5ef7fc27638ab8c7fa1c4d637f4b5e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
cf-polished: origSize=23881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-5d49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dk0UgUdNNf3SMLlWa10Ct0mBkuNq3vt0t0Iy9Y0hrsVrkMt0pBmvoCVxQu%2F2nTJIf%2Fs9sbdgYOeH6YzbsCkK2282Jj5lP54in43rVHMxvulWwNvp%2BcXV2Z1AWW5XcgbHhMTIVuLxyr0scU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bb8d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 bootstrap.rtl.min.css
s.top4top.io/styles/default-new-reg/css/ 111 KB
19 KB 86ms
36ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a60f90398750c832d435897bcd263a7b9dac3c581e55dfd5d04020ee1d849350

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-1bae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YIwjEVqnFtREFxGyxrXkXcbKJHOjE46%2FwET%2BLznFXLmKF3iauc00TEATq%2FUwXhzFOvBuYl1G3ligG3hWGIvYbyWps4CKW6E966dJuLKdGTy%2FP61LcR9RQebg0EV%2BX%2BsdpYR08XOW1mQFLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bb9d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 font-awesome.min.css
s.top4top.io/styles/default-new-reg/css/ 22 KB
5 KB 102ms
53ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba55961d7ac71561db39cb5be18d75ee12b453a401d3d7561b825664df464aa2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-578f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ8d8UUCnT5n7ylyL%2BoULkeNNIK4W2fXQJXIrVXsNol7Sd6%2Bo6E5grZ5SWZ%2F8YEutVNbZHXy5QWdvGN%2FMQrQg%2BKoJL5Zbco%2BjK9hKiRtdGUEJkJ1YCHnmG693kmDApSNS%2BiG%2BIBZQhE1300%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bbcd277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 animate.min.css
s.top4top.io/styles/default-new-reg/css/ 52 KB
4 KB 80ms
31ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-d0b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqVbOq63Q5X66w8OJDxSCZYYmpDCjdbtQgn5RddsG3PvLuIlYLGBk1PpaxYgHfYV3hp%2BnakJuXNKf5pN%2BFlDGa9b%2FwPpBjI0aSSaqxKR8k%2BD36EFowcxXThCZPbBMtfEabFCETRa5w2Qt%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bbdd277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 fonts.css
s.top4top.io/styles/default-new-reg/css/ 411 B
769 B 79ms
30ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
cf-polished: origSize=487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-1e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqCa0ayUjJyn6BTFH0JHCpqZ5CBOpdMLrCa6S05DkXG5hJTABDaupW7M%2BwrM2uFXbi0xRKEXZV79mjINsvpw%2BQoVMGM8tLOUrf6NJTuR9iZze5jsgod4kipYPs7A0KkfwlxnSRsB97tZtEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bbfd277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 the220px.css
s.top4top.io/styles/default-new-reg/css/ 9 KB
3 KB 81ms
32ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28953ed5afed86c341b5b201d5ba93abd34ede7fcf2f21e8dc0e1be6c54cfc6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
cf-polished: origSize=11662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"58cb25b5-2d8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4fzeU6kKT9HSkxyCo7WBEiB1W2JljKMgkqdGtlIXsZvs0ErgdcjXQYd4jvW4P6yO6weBlkwjWr2oJF%2FY9m%2BRjfqfSQp2ti%2FJs9nZ3XaIQJ5e6ZiOsqdyC9L5VMdutDXU5pq33T%2F1IBGF2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bc0d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 07:18:03 GMT

GET
H2 200 bootstrap.min.js Show response
s.top4top.io/styles/default-new-reg/js/ 34 KB
10 KB 81ms
33ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-875d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrgwh7XRzE9l7X4TmYynpzSjzYD%2Fup9Q8%2FeQATtG9oDzmEYhTC5ARFhX4dv6HQ9qmCkoxibeDb6czajd5PFvLv%2BxZdPHFHSiZ%2F36Kp3dkf5AjuD68DL2w3PGbBatKPmXw%2Bhm1ASu5ecSJ%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b137bc2d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 the220px.js Show response
s.top4top.io/styles/default-new-reg/js/ 474 B
509 B 103ms
55ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491651
cf-polished: origSize=562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-232"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9BaDKt5m85gSL%2Ff%2Bfp8tWzpeJPRN4XSkzVbncUteDcJFPRDfjd%2FB0MDUJRFA45kjVFpO%2BZXx7g7%2FLq4LZ%2F641yxM9uIKzBQfTwJ7R%2F%2Bm7UZDUDLzx22LbAgwEQZN1N%2BuyN3CvFBegKXfYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b138bd4d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 javascript.js Show response
s.top4top.io/styles/default-new-reg/ 6 KB
2 KB 102ms
54ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/javascript.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505702
cf-polished: origSize=16039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"57e8eb5d-3ea7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rroagLwqnmIWwQk9WkV%2FEdNGbUdlxRzNW1KIGHjs7XGnWOyGxdBQq8Mkq9YXABCzDzG9GGsb1AL4FKVZPwpDX0YJAKjYhPWRPR68qf33cdurleGbmuo1PubO4nRjD9B%2Fb%2FYE8q6J5SNLAuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b138bd5d277-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H3 200 newlogo.png
s.top4top.io/styles/default-new-reg/images/ 19 KB
19 KB 26ms
26ms Image
image/png 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/newlogo.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94610
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-4a7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTrlTYF3zKlBoBJyQhtvBsqn6RShqirVIzL6y3Kn0wiAbUcYwD1G9Yalo7EDfVXUbJIKCD6f7HG2FYQV%2FtDm79XwaKLxIRWU7EhlVKDdMox8iJ0iNc%2B6Q2ts4yCYkaBh1ZX0%2BIQg3gMDnYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 77d10b13ee2ad6be-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 260ms
184ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb8ccd10c556dcb7421499f352613282b90e89e2f28f06cd9bf6b5d8fe3c6769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49601
x-xss-protection: 0
server: cafe
etag: 7210043670176998391
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 13:42:50 GMT

GET
H3 200 loading.gif
s.top4top.io/styles/default-new-reg/images/ 32 KB
32 KB 28ms
27ms Image
image/gif 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/loading.gif
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32533
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-7f15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yb3%2B66W608ggshScnvtKMIC8to4tbs%2FnGfCT%2FHvB2D4nSLJmhYHDI3D7dMzghsqqJfi8R7N%2FLlY1LZV5svRAIQBNDOWgrGEgdnvVrhbkBaVtqA7gDRRLjkQn6iiUf%2B%2Bbbi89uV0XExraTYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 77d10b140e59d6be-CDG
expires: Wed, 23 Nov 2022 14:37:08 GMT

GET
H/1.1 200
OK adpull.php Show response
top4top.io/ads/ 337 B
489 B 83ms
79ms Script
text/javascript 188.165.137.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://top4top.io/ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=7787112109
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ip170.ip-188-165-137.eu
Software: HotCores /
Resource Hash: a12ccddf8043c4c95799057c2314523fa1f97303e4ec63a66eac054cce270b70

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 13:42:50 GMT
I-AM: US01
Server: HotCores
Content-Length: 337
Content-Type: text/javascript;Charset=UTF-8

GET
H3 200 soft.png
s.top4top.io/styles/default-new-reg/images/ 40 KB
41 KB 85ms
84ms Image
image/png 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/soft.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-a120"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfP0BI7SAX%2FoqmJE0W1Idf9NlddlHtWrc%2FpU%2FHAAbvUCuIpaoN1z03UYf5s7Sn8QBRkFWxOGxrZLcFrsMn7kBshwAkfh6Y0sLuusnqdTAf8GNKspoUDKXP6e1Tmn6Q1lQoDVwlWqzYkQd7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 77d10b140e5ad6be-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2 200 fonts.css
s.top4top.io/styles/default-new-reg/css/ 411 B
539 B 33ms
30ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491781
cf-polished: origSize=487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
x-cache-status-a: HIT
etag: W/"5e0bab24-1e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCvJpwpNjkVNACOaEuusxg5a7S0PenCSSMhoaj0onTboZ0EH13tvqdsDoc7fEru1SGHcFTsJj9secZY22iy2j2sH8Yn0Oki47i6IXGb7Jn%2FPIOZOLIkz%2BBTuLOAZhkSCZ8PGOWKHvGqhgPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 77d10b13bbf2d277-CDG
expires: Wed, 23 Nov 2022 14:37:08 GMT

GET
H3 200 NeoSansArabic.woff
s.top4top.io/styles/default-new-reg/fonts/ 115 KB
116 KB 59ms
34ms Font
font/woff 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/fonts/NeoSansArabic.woff
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788559c056a4f64455d4208befee3e58bd6f5d4a92fdb4af84f0fdd23cc32278

Request headers

Referer: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Origin: https://top4top.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117704
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-1cbc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nZVi0QB2nJrnRYAbcADo3z6Yb1cEsv3g%2Bhf%2B8ewWAwKEyyPJS2BVuRi0MthasUcK2rElV8pQowqUfxzcLT2SjmpvztSMwvfYCfrFjwPZ6%2BqC8qye19%2FCJf5CodB2%2BMHMdDs%2B2c7dQ4IDdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 77d10b144b44f178-CDG
expires: Wed, 23 Nov 2022 14:37:08 GMT

GET
H3 200 fontawesome-webfont.woff
s.top4top.io/styles/default-new-reg/fonts/ 64 KB
64 KB 207ms
205ms Font
font/woff 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Origin: https://top4top.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 602964
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
x-cache-status-a: HIT
etag: "57e8eb5d-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2Q8MDdkaRRP%2BuC%2Bn2vWsInIwo6UIL20QGxyll8aYwD5xLoP%2FGKSib486mQVPSmxPo%2FlkVQqD6o5%2FFWmTsb5273klrkTocu0BzMrKi8c83YH8I2WA9rgYxPH807d7pDfnfDLvHI6kbaELkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 77d10b144b48f178-CDG
expires: Wed, 23 Nov 2022 14:37:07 GMT

GET
H2

200

p_427vfh7e1.png
h.top4top.io/
Redirect Chain

https://top4top.io/adimg-61?1671630170
https://b.top4top.vip/p_427vfh7e1.png
https://h.top4top.io/p_427vfh7e1.png

42 KB
43 KB

177ms
124ms

Image
image/png

51.159.67.135
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_427vfh7e1.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Server: 51.159.67.135 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: par-223012.flapyhosting.com
Software: nginx /
Resource Hash: 4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-file-id: x16233079x
date: Wed, 21 Dec 2022 13:42:51 GMT
last-modified: Fri, 03 Mar 2017 15:22:29 GMT
server: nginx
etag: "58b98a35-a905"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="427vfh7e1.png"
accept-ranges: bytes
content-length: 43269
expires: Wed, 21 Dec 2022 15:42:51 GMT

Redirect headers

location: https://h.top4top.io/p_427vfh7e1.png
date: Wed, 21 Dec 2022 13:42:50 GMT
server: nginx
content-length: 58
vary: Accept
content-type: text/plain; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
19ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 13:35:19 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 451
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 21 Dec 2022 15:35:19 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 62ms
22ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1153545621&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2F&ul=en-us&de=UTF-8&dt=Top4toP%20%7C%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D9%88%20%D8%B1%D9%81%D8%B9%20%D8%A7%D9%84%D8%B5%D9%88%D8%B1%20%D9%88%20%D8%A7%D9%84%D9%85%D9%84%D9%81%D8%A7%D8%AA%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC%20%D8%A5%D9%84%D9%89%20%D8%A7%D9%84%D9%85%D8%BA%D8%B1%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=727063446&gjid=288500989&cid=617118704.1671630170&tid=UA-9340508-1&_gid=720587058.1671630170&_r=1&_slc=1&z=611538420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top4top.io/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://top4top.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 142ms
91ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7974902520762023&plah=top4top.io&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

824e41e32948522e9654e614715e5f9d06c6b20ca392201df69537ce19594ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119976
x-xss-protection: 0
server: cafe
etag: 17116395890657637015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 13:42:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 6A73 10 KB
10 KB 83ms
25ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 21191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-length: 9772
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:49:39 GMT
etag: 10353107486223812946
expires: Wed, 04 Jan 2023 07:49:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 425ms
32ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=top4top.io&callback=_gfp_s_&client=ca-pub-7974902520762023&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7974902520762023&plah=top4top.io&bust=31071168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bda0d66a4e501a02733781de934a97ca0797e2a9e3f887abfc326806ceb0170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 93ms
33ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 96ms
33ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDA7 241 KB
52 KB 363ms
311ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&adk=1812271804&adf=3025194257&lmt=1671630170&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Ftop4top.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170567&bpp=4&bdt=470&idt=244&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3220963080457&frm=20&pv=2&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=273

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5914e1822da06ed33f6d0a383060472c0b73703ba2537132e63dfc69bf4f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 53436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:51 GMT
expires: Wed, 21 Dec 2022 13:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FB4 116 KB
37 KB 600ms
558ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170571&bpp=2&bdt=474&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7UCyHXATuZ&p=https%3A//top4top.io&dtd=280

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

579519a45337eac0e5f4667d55218862dfc8b18b4767ad8636717c3ed7a6b634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 37401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:51 GMT
expires: Wed, 21 Dec 2022 13:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C596 93 KB
31 KB 414ms
386ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170573&bpp=1&bdt=476&idt=286&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=t77OZcABHA&p=https%3A//top4top.io&dtd=289

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2201015a5d844c2c4bc8e40daeb25500e962580e67776151d016d7d9086d94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:51 GMT
expires: Wed, 21 Dec 2022 13:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13415325981091511638
tpc.googlesyndication.com/daca_images/simgad/ Frame C596 129 KB
129 KB 126ms
52ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13415325981091511638

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170573&bpp=1&bdt=476&idt=286&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=t77OZcABHA&p=https%3A//top4top.io&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae1283100f94ed1ce6247c17d2c152075d3fc0eebf74d08e3db8a449f82f197a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:48:48 GMT
x-content-type-options: nosniff
age: 266043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131760
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 07:10:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 11:48:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame C596 23 KB
10 KB 98ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C596 3 KB
1 KB 93ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:33 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame C596 67 B
196 B 93ms
36ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:02:25 GMT
x-content-type-options: nosniff
server: cafe
age: 85226
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 21 Dec 2022 14:02:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C596 18 KB
7 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C596 153 KB
47 KB 124ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C596 34 KB
14 KB 94ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 2612990788289469886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 14:02:25 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fcd398393d808d59b78e97ffeb113acb9cd83967721e7e669f8b989661c3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52352
x-xss-protection: 0
server: cafe
etag: 6703982119330654440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C596 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRxi_Wg2jY42gOcSZ6wTE67S4AsKy8IRuqOafwMUQ9drQnswaEAEgjoyCeWD7AaAB38iQ6wLIAQKpArTDerflz7E-qAMByAPJBKoEuAFP0GINM01YCmA-rhMR_xgwJ6BovAnBWUSIYWDG_LaTCyRDd_6sI6TGJ3cEPQzEffwdgEiVFx6-pjiqh77b61OBggaMQ-Rg_yPIlIPkMSbP-sDsk-uydQ141Nm2Yxybu_38vvvrc0SUrfOtDGVVUo6unmXeE5esJPC3CJxy8ewDR3d_IUFTkAPTwH_LvIshmv_Cv7rAuWLfdLixKMcGW70UoqZTaLwxR241ZWpcR3Kf8YEhmFjj30ehwATxqtKr5gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHibfvlAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDsrALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03OTc0OTAyNTIwNzYyMDIzGAA&sigh=kfBRbtxWYcA&uach_m=[UACH]&cid=CAQSGwDq26N9298sIAQK_oqp3me2F2Il11IYbws79hgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170573&bpp=1&bdt=476&idt=286&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=t77OZcABHA&p=https%3A//top4top.io&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 13:42:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 106ms
43ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 105ms
42ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 0620 10 KB
4 KB 30ms
30ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 21218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:49:13 GMT
etag: 10353107486223812946
expires: Wed, 04 Jan 2023 07:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame F3F2 10 KB
4 KB 39ms
37ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 21218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:49:13 GMT
etag: 10353107486223812946
expires: Wed, 04 Jan 2023 07:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame F667 10 KB
4 KB 43ms
41ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 21218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 07:49:13 GMT
etag: 10353107486223812946
expires: Wed, 04 Jan 2023 07:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 599F 143 B
166 B 34ms
25ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170573&bpp=1&bdt=476&idt=286&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=t77OZcABHA&p=https%3A//top4top.io&dtd=289
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C596 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e98c5099b87bd0a4bf2352f4e626f18727c7848a9c9bf1fbac65a3fdee88329

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 4FB4 8 KB
1 KB 110ms
39ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170571&bpp=2&bdt=474&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7UCyHXATuZ&p=https%3A//top4top.io&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 12:55:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4FB4 2 KB
765 B 131ms
62ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4FB4 23 KB
9 KB 111ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4FB4 3 KB
1 KB 38ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4FB4 18 KB
7 KB 127ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FB4 153 KB
47 KB 132ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 4FB4 34 KB
14 KB 117ms
32ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0620 8 KB
967 B 117ms
54ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 12:13:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0620 2 KB
765 B 117ms
61ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 0620 23 KB
9 KB 93ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0620 3 KB
1 KB 80ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0620 18 KB
7 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0620 153 KB
47 KB 94ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 0620 34 KB
14 KB 191ms
28ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4FB4 0
0 80ms
76ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRB0QWg2jY6fBOd-O78EP_ceG4Ay5o7HVbZHyjov9EOmt9ZS4AhABII6Mgnlg-wGgAY6-rfsoyAEJqQLDSW3YK8-xPqgDAcgDywSqBMsBT9BgsW0m4XaH3HWyMwX4i8NSm6IMXhLyeB6PicWqraPml9X3dBkwSW_0Kb8mXgndwzYhFc0hom3ri3GeEIuhP10Qr9BwOQs2sevrob2JmA_oYvyURNKnNv-mTit61kyfN7CAuSi7XwtsV-svWAGgJUhRHj72YV-zHrj86nBjJOYpwMuZb78i5afAUbcoGP1c1OKFSw92uBJkRuJCj3DtRe_NcPU7oVnlihDZWOg96EEhfPOIOSfW7pKyo_N7qS0wATTK3DLut01OREnABKnH_MedBJIFBAgEGAGSBQQIBRgEoAYugAeO9v3aA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMqRDNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi03OTc0OTAyNTIwNzYyMDIzGAA&sigh=vMygyCNBvQk&uach_m=[UACH]&cid=CAQSGwDq26N9_FtUUK5NHh_XAw8LF67Y8NTMdcyXxBgBIBM&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170571&bpp=2&bdt=474&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7UCyHXATuZ&p=https%3A//top4top.io&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 13:42:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F3F2 2 KB
765 B 33ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F3F2 23 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F3F2 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F3F2 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3F2 153 KB
47 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame F3F2 34 KB
14 KB 114ms
53ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C254 624 B
245 B 82ms
64ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJysIRDguiMYxoP2vgEwAQ&v=APEucNXlF2IaQIVa-r1O8Q8b0eTGeDZnIjjmmlhtaNtdDWY2RHCJmYj_Zgb0aExDltKn2aGlMiJKGhdg4dAx4AD2dysgjPa5GwFwxXBVgoBQG2dpXnYJ-t_cWI6vHGPOLHU2uEF8Snz93PrwiIMVLXhYYdLjIFwk7Y9mTDHRoSQ64LkqWqzn9fw

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:51 GMT
expires: Wed, 21 Dec 2022 13:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1FB7 28 KB
16 KB 82ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CciaBRu7aue_nQgXb9eFAtCb1qbLQG-L97ZkUi0xG3jukshyD7Uw85yQzARzsFmMmUUaDUlPlubYjyhXYh430qSJlU_8rZP34UqXiU7NmYtnSK5qXMxLWcKVNr8HlRInOO4tgcelijJ6M1XYWNyrHWVGO7cpx1ClN9yI9TPg9hO9dyP_Y&cry=1&dbm_d=AKAmf-BiEBTZRKdXTTGRGQl-aJn9T8YEnAnxvM8C49JYSRM_Tk-r20MYf1fFMZ_V-9z9SDs3mfzliJkOJeLvsPOFwEs4xIM_TtcAsoQV7uqe6fsHRW7YxVWoYlsvQ9BMh47E3CEi08v19wfxoD6yG3yo-xFLDdNapRXXJ7_fzhxvCzrVa59_oZZLXw0hhI4n3CCFmBeiRWhSPPQxhiWKvJIyP6UAs8ZC-RIDB49Jv996ye5Bb0x-jqaAwnBjw57_XIBEfhFTASEMNnNaIqGZMTHLxQhdK435TDk0bYCt2hi-e-QsbRzZDImgEZox-2PA8n8Ii4eA62iHPhlVMC9ddxHLgMEG7cEwYxncj6kMxU-8NTKkM0rTfuPs5lnBMXqyASh60FoB2yj8k4H2xo13DrkDnQcOrDttETiEv6Szd_4f0p40ufjfMr5bDdNLvguA5OfXhUs5heqLLQyC0xKsid-bdAEookpAQ_2MnIBQosV8KzJcEvGjX3vEmw8pTtx1OO3u-YH16Gn1KWyPjNv5ZMeWX-DELlZ4N79QCcq1Cjx8FAYCTZlYGF4yepn7u7NN0UG1iQSld-uMZOGNGE34aY1KQagaTa2mzGmmfjaWYz7o-qtHqjolH17yI2UEoEkiLkU0YHOpeGvV-7bbhtOigBrG-Vl8M3l05boFqZKm3zwYhWrukQdbdLKU0SzmhG_GW40W39cce2idZXakXQHu1FBPnOBpZSVQGgl1SjjNNCR9fIgbTlnfvX1bHeq4JeRi5XwrQwJSmDygQPMWderyMyN2Ow071lkHMBqq0Nd85kaB1tDkAL7idfpEhPd7mvSrsI-g9vzkP5T6vvLHGHHWk4S7cv88TVuz6nCXwluagK7MNdMcfWP-jPaFYJCX36bPbfwmudx1acywiQgsGBtqbYVtP6U5w5ScNfEQd4EIOTj_v9A3M1gpkza-kRp2wreat1KkIZxEZyJ2vYYX-sq3uyVBMqbl5Q0DeQsVmEVGzCe-fW-nwHmUHTwPbVXdX-511sc-MwDQNu8Agsgu0_NXYHGR51p4cAkDunaX3By_sQ-517kGjEy0I3p49JN61ABTxg7qJRsWoU9DbhgRhkSle1WO7FvC_udKopo8AtQ-6QJwbp14v72C6qNy9bIm8pvfy74Aiflu2jumVgkzj3DGXkrieUsbBrFLWpo-57tC-pJXBoBnu5qikx2WaOO8Xl8vvFNGuhHxhX_ozrhzYrDPfqLZSasFjt7C0AxPoReDzYSnfUS2JRHcXWIb5rQhn1ZbVGTKJ1SWvlZGLFTJG5f465bETIz9M0nYApJf0gjZOq5GKwn6pbNqaJS-06wWMbabUo9R3nReWj5lXwl5zWoQqkjE4GeJ-TAcreHKQbDFi5G2ukh4orJHMId9151VafQrbk5R1xOW694AAw8OO9w-jnSI40xGR8gVIHDtglQdRCvD--0Ah4YW2_tn2HM6mlgg2zfm2uaFKOREm7S7BQT1Sz-rkwynrvZIyIbrG1gbfLkDQ88irwX0Sr1M5ILj2mQcry-uKp8Qny7Pwc_mOx2PJsWuvxut80ZHRgoeudCG-SXBtXizNKsIY15K2CcSX2VovbCVQHnkgud2x__djlBYJnhA6cMi7x0Z3HlOzDgzNvnzu-UZAAImlhqHunjTwsQlj95JfIi5UjBhFloMFtBFXnSBFQGETCOLLk0CwULmOyXFAY_TClEdL5oTcKai7JgmA-W2Hh18FJ4YUcfzChSHA0X0Bo6BvuUO78o6sPEzh0maisWf67B0lhVUhHA53gT_FZQN3SXPNm27HraYSEvQoDMRcOYCA-4Vf2MbAwX-pPEVZ265s4PqQtAfXc6Oll8Q3vabVJUywcTDu_y--4ZxQc2KC_-u1-MQ68Pwkzz1myT8EWFRpHHKqWCxRNqn1WEG9vqu21oRoVfoenX8F3O2Czyl1lQOoiipdzJnf1XXJ44Qs2pcJZNfHsWYsvt6gwBG467sbAzKpFx6yrI8lqBj1xKNZRoc_czIOaeH7GzZqwI508g_DwxIQAaafWl2-9HGqev_n-zxlSvdQ3OaqwBxyj5YVDSnjpmbvoY4tMMaK8zPVzk6e4H6WdVgFwYkfXheRHHf8Vu2KjItIcAliYLf1WVpYvcDVoQC6PN33awKxlALns6JXMC3TqvUInNvYwUfc238unvi8divIDOnq5Ueq9n-3_r8s9E3JgMTZelmlvladVaymLN7FVX7SduxcZZtVR5Q6VUAfdpKdvfKwuvNW6r4oHNhHVnWWuPO0jNh4Dto1mu1hI5o2tim9W-p9SPkQL4fkiHfGcHHp1DTLkFgfARtvzOZBCfgby7-Ht-4PDCCPGj-WLGH2js0UHlK7OFm3y5r9-V427UeGKsFgTPycTwWpPUMVJWsDPJ1rcTUOu_DkGfojT1ZYwnINUSGEK4fHx4WbyCZ6ENSDOZ29TTdSaZ7NAvgc0dLjjY_WXIP_dVxfaqAcPr657IFls0diIlHtYV3PHW1EfG1mcWH2SkSCGMq6AdvQPeYXI_CM_NWhOLlHpUFs7PH_RMMkS_oAKICJ108UmByvaAQdRBYMs0fKJbHYLxuBzgwk0f81oaBcav1Y7C5wjuAPYspu2BjKEm7UKy5fKNWSKfBx7WPWke4CvJHSq58mGWD3OvR2t2FqOvk7MG5HX4G8p8LNEaChlNonmn6hjj-0Z4r-_NjBf3PFuN6Uspf8gtYJsg84CGmN3US9Yj-iO2byZcYAthoLzwNhIohlDAdhA6dBlPSzpGB5PYxZs_iexheyPrDaPevah4TrbNjogdBr32fE4ux1PVvGXUQGoqgdIj0UkR15Bg6zNxjYIBjmA2LJbZJDs9uyMGmTSEz9Hcdy-AG42ELWXK6UKLR593rx1GjhonP1D9qP9hMQtAXaS8loAd8En2CFqgGtns8hOdq-Avfya-frEBPN9J1jfyLHdvkxUwpGIKDwE9TGt3TKpFGiPnwvpZ-yDEOKoOjZQrC62wRaAZYqpRC1bl80_h0IAEoPQ8jkoBMNgQuQuoJzYjYEj5Zj8ZGzHSt0RGGgnxlMg5bv4WRw_GyJZ3esaXu15lXPvG5IZDdRL2BHDAuVO4GQOsUeJ-Y8eVN27GIO_kKI10&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&rfl=2%2Chttps%253A%252F%252Ftop4top.io%252F%240

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ac04386dbf43639bff254ccf7fef84b914820c6004acd2d35a175df703d222b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16705
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

script Show response
eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/ Frame 1FB7
Redirect Chain

https://eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&URL=https://googleads.g.dou...
https://eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&tk_region=eu&tk_r=true&URL=...

551 KB
72 KB

22ms
20ms

Script
text/javascript

51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&tk_region=eu&tk_r=true&URL=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClJExWg2jY92QOYqa78EPoberkArK9NmDbrGD9q6CEbfaor3AARABII6Mgnlg-wGgAayhl8YDyAEJqQJnVYqH7daxPqgDAaoE3AFP0D4HqXI0HawheDQvnd2mRAx_NH7f_Rx0kET6JvIRS0qU9FNzq9w2AoPliQXNn8ro7N4Rjj5jdyF-1WMDiiXrCzkC5OnIr54syuLfU1OKTNHw9wbLPF7F1BtBrkUkLle7MfCOCUChDJIx5GZsWmBS6x9uKWBshBiJ60F3Al2l7yCDy4SnZkIIVS4BmKt0H3TZIc78aaB84D7veXm8LFJgEan4mVCnQrcy-UWau0l_iXHzvgEIUeAlSVuug8cOVjifR_gD0jEveYGR6P9A0d_zDJQZxCDSXz0cQesOwASW9I7xnQTgBAOQBgGgBk2AB7ze6DmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE96L0xHQEwDYEwrYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&sig=AOD64_3rhcNaTWESucDC-4SA45wUH_Vn4g&client=ca-pub-7974902520762023&dbm_c=AKAmf-AoyzAbbl8af0NDX5V7YW2uyVO45qMeO10YwMBXfwqAIxCMFOPcj0HdLWBf3Yo9k6gwK926-eOxovFmQMp9PxeOBjvmsioBZZBROYTUx1ugDRuV2p9WidRtBoxORz_3ck3FUlSTsJtpIZrYI-1ukQxqgBckbh9zF8X6J5bkEMgFdiZf7h4&cry=1&dbm_d=AKAmf-Bm7YKnloN5H2moXR8YQvabQ49PlYLo_3hFeVeBv3JYlzPgp4qQAmWyT_s7zzK0qhiUjlpCczocIAPObKVYT7CxKc6R6wixlZd9OgDZF53bUsdwSqb3gjv00Ol2TE8IRL86btA_Hg0R9zZQn_JBSqsoVMcrBuYr0BBBMRgYdDgDGyyybCmBi_r10zG0sdR90FMJWgmD9i0I10yipXyHx4tAC8SjDAAmpo3Ad007x8Ovlo1pWkr3m-0LFhsNzfKstShbB8TPuBdPd45UWngj98Xw8lCD5Zb7I2PQ_LhLTKpM-e2reUNiVIOV3rlYS3X6FIiCz4VByEdfhtjxN94-kydm3CYCwX8sX8GiGppGV5k6inx460YeBiZkLTIXclL8JsXmbc9ebJQYeB3YD3iSuN8khB4VsIoOQYkjdm_uyt8iyF3QGtw_EZBHRgCMu6AOnBI3Ut66jRGwghjTxiLfjNY9J6N3d2YdDReS9pWGWOoUAvuSHd9MTPngMcH3FjogR4ag2M5sjX7VF0XQrl0xGFGdxWrY2A&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

397c90fa27588d39ae946eb8ac00463847c0cc52b425033fa40b47e613c51027

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
location: /14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&tk_region=eu&tk_r=true&URL=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClJExWg2jY92QOYqa78EPoberkArK9NmDbrGD9q6CEbfaor3AARABII6Mgnlg-wGgAayhl8YDyAEJqQJnVYqH7daxPqgDAaoE3AFP0D4HqXI0HawheDQvnd2mRAx_NH7f_Rx0kET6JvIRS0qU9FNzq9w2AoPliQXNn8ro7N4Rjj5jdyF-1WMDiiXrCzkC5OnIr54syuLfU1OKTNHw9wbLPF7F1BtBrkUkLle7MfCOCUChDJIx5GZsWmBS6x9uKWBshBiJ60F3Al2l7yCDy4SnZkIIVS4BmKt0H3TZIc78aaB84D7veXm8LFJgEan4mVCnQrcy-UWau0l_iXHzvgEIUeAlSVuug8cOVjifR_gD0jEveYGR6P9A0d_zDJQZxCDSXz0cQesOwASW9I7xnQTgBAOQBgGgBk2AB7ze6DmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE96L0xHQEwDYEwrYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&sig=AOD64_3rhcNaTWESucDC-4SA45wUH_Vn4g&client=ca-pub-7974902520762023&dbm_c=AKAmf-AoyzAbbl8af0NDX5V7YW2uyVO45qMeO10YwMBXfwqAIxCMFOPcj0HdLWBf3Yo9k6gwK926-eOxovFmQMp9PxeOBjvmsioBZZBROYTUx1ugDRuV2p9WidRtBoxORz_3ck3FUlSTsJtpIZrYI-1ukQxqgBckbh9zF8X6J5bkEMgFdiZf7h4&cry=1&dbm_d=AKAmf-Bm7YKnloN5H2moXR8YQvabQ49PlYLo_3hFeVeBv3JYlzPgp4qQAmWyT_s7zzK0qhiUjlpCczocIAPObKVYT7CxKc6R6wixlZd9OgDZF53bUsdwSqb3gjv00Ol2TE8IRL86btA_Hg0R9zZQn_JBSqsoVMcrBuYr0BBBMRgYdDgDGyyybCmBi_r10zG0sdR90FMJWgmD9i0I10yipXyHx4tAC8SjDAAmpo3Ad007x8Ovlo1pWkr3m-0LFhsNzfKstShbB8TPuBdPd45UWngj98Xw8lCD5Zb7I2PQ_LhLTKpM-e2reUNiVIOV3rlYS3X6FIiCz4VByEdfhtjxN94-kydm3CYCwX8sX8GiGppGV5k6inx460YeBiZkLTIXclL8JsXmbc9ebJQYeB3YD3iSuN8khB4VsIoOQYkjdm_uyt8iyF3QGtw_EZBHRgCMu6AOnBI3Ut66jRGwghjTxiLfjNY9J6N3d2YdDReS9pWGWOoUAvuSHd9MTPngMcH3FjogR4ag2M5sjX7VF0XQrl0xGFGdxWrY2A&adurl=
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1FB7 3 KB
1 KB 49ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 10:35:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1FB7 18 KB
7 KB 49ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FB7 153 KB
47 KB 57ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 13:42:51 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FB7 42 B
63 B 77ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGiMBv6pWZRtE23YefuIuyIqCZvvuzmHxj177dCIs-8feFUVouBpJRZaR_uqhLCnevvOvuiwIqeDcwvNxcCxMBLCV5nLcVxKCiJVm9CqguqYLHQic

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 data=fh0muIJNn-r_Z3c5LuT1AjUntCXt_FLyXKt4lvREySAvMaxw7zhYl6BC1AU9EhuitlIeK4JpgozfKc-BCk2Glw
mts0.google.com/vt/ Frame 4FB4 0
0 143ms
32ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=fh0muIJNn-r_Z3c5LuT1AjUntCXt_FLyXKt4lvREySAvMaxw7zhYl6BC1AU9EhuitlIeK4JpgozfKc-BCk2Glw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1671630170&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671630170571&bpp=2&bdt=474&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3220963080457&frm=20&pv=1&ga_vid=617118704.1671630170&ga_sid=1671630171&ga_hid=1153545621&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44777508%2C31071168%2C44780792%2C44769662&oid=2&pvsid=4026386516525240&tmod=1224186360&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7UCyHXATuZ&p=https%3A//top4top.io&dtd=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 4FB4 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4FB4 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4FB4 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4FB4 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 599F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:51 GMT
expires: Wed, 21 Dec 2022 13:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame E8AB 36 KB
16 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:52:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 269F 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4FB4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74e1fc0b37a4edab2bb9fe372328a428ac1caa4b06eb2eaecf390546e07eaa38

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C254
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1

43 B
766 B

67ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJysIRDguiMYxoP2vgEwAQ&v=APEucNXlF2IaQIVa-r1O8Q8b0eTGeDZnIjjmmlhtaNtdDWY2RHCJmYj_Zgb0aExDltKn2aGlMiJKGhdg4dAx4AD2dysgjPa5GwFwxXBVgoBQG2dpXnYJ-t_cWI6vHGPOLHU2uEF8Snz93PrwiIMVLXhYYdLjIFwk7Y9mTDHRoSQ64LkqWqzn9fw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 13:42:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C254
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6MNW-EIq8uzdZlPE-ymHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJysIRDguiMYxoP2vgEwAQ&v=APEucNXlF2IaQIVa-r1O8Q8b0eTGeDZnIjjmmlhtaNtdDWY2RHCJmYj_Zgb0aExDltKn2aGlMiJKGhdg4dAx4AD2dysgjPa5GwFwxXBVgoBQG2dpXnYJ-t_cWI6vHGPOLHU2uEF8Snz93PrwiIMVLXhYYdLjIFwk7Y9mTDHRoSQ64LkqWqzn9fw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 13:42:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEz3w6WPfm42eo7ULQYe28M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C254
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDU_queQUj29uvQ2oD1vP4s&google_cver=1

43 B
1 KB

149ms
68ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDU_queQUj29uvQ2oD1vP4s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJysIRDguiMYxoP2vgEwAQ&v=APEucNXlF2IaQIVa-r1O8Q8b0eTGeDZnIjjmmlhtaNtdDWY2RHCJmYj_Zgb0aExDltKn2aGlMiJKGhdg4dAx4AD2dysgjPa5GwFwxXBVgoBQG2dpXnYJ-t_cWI6vHGPOLHU2uEF8Snz93PrwiIMVLXhYYdLjIFwk7Y9mTDHRoSQ64LkqWqzn9fw

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 13:42:52 GMT
AN-X-Request-Uuid: 8e74e8d0-edcc-41dd-8ae1-1cef78dda7cb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.59.164.96; 37.59.164.96; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDU_queQUj29uvQ2oD1vP4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C254
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMTY4MTMwNTUwNTUxNzMy

170 B
188 B

144ms
63ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMTY4MTMwNTUwNTUxNzMy

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Dec 2022 13:42:52 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.59.164.96; 37.59.164.96; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3473d301-60e5-439b-bf9d-ca46117fb718
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyMTY4MTMwNTUwNTUxNzMy
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4FB4 28 KB
28 KB 167ms
38ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 579889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:38:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1FB7 30 KB
11 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CciaBRu7aue_nQgXb9eFAtCb1qbLQG-L97ZkUi0xG3jukshyD7Uw85yQzARzsFmMmUUaDUlPlubYjyhXYh430qSJlU_8rZP34UqXiU7NmYtnSK5qXMxLWcKVNr8HlRInOO4tgcelijJ6M1XYWNyrHWVGO7cpx1ClN9yI9TPg9hO9dyP_Y&cry=1&dbm_d=AKAmf-BiEBTZRKdXTTGRGQl-aJn9T8YEnAnxvM8C49JYSRM_Tk-r20MYf1fFMZ_V-9z9SDs3mfzliJkOJeLvsPOFwEs4xIM_TtcAsoQV7uqe6fsHRW7YxVWoYlsvQ9BMh47E3CEi08v19wfxoD6yG3yo-xFLDdNapRXXJ7_fzhxvCzrVa59_oZZLXw0hhI4n3CCFmBeiRWhSPPQxhiWKvJIyP6UAs8ZC-RIDB49Jv996ye5Bb0x-jqaAwnBjw57_XIBEfhFTASEMNnNaIqGZMTHLxQhdK435TDk0bYCt2hi-e-QsbRzZDImgEZox-2PA8n8Ii4eA62iHPhlVMC9ddxHLgMEG7cEwYxncj6kMxU-8NTKkM0rTfuPs5lnBMXqyASh60FoB2yj8k4H2xo13DrkDnQcOrDttETiEv6Szd_4f0p40ufjfMr5bDdNLvguA5OfXhUs5heqLLQyC0xKsid-bdAEookpAQ_2MnIBQosV8KzJcEvGjX3vEmw8pTtx1OO3u-YH16Gn1KWyPjNv5ZMeWX-DELlZ4N79QCcq1Cjx8FAYCTZlYGF4yepn7u7NN0UG1iQSld-uMZOGNGE34aY1KQagaTa2mzGmmfjaWYz7o-qtHqjolH17yI2UEoEkiLkU0YHOpeGvV-7bbhtOigBrG-Vl8M3l05boFqZKm3zwYhWrukQdbdLKU0SzmhG_GW40W39cce2idZXakXQHu1FBPnOBpZSVQGgl1SjjNNCR9fIgbTlnfvX1bHeq4JeRi5XwrQwJSmDygQPMWderyMyN2Ow071lkHMBqq0Nd85kaB1tDkAL7idfpEhPd7mvSrsI-g9vzkP5T6vvLHGHHWk4S7cv88TVuz6nCXwluagK7MNdMcfWP-jPaFYJCX36bPbfwmudx1acywiQgsGBtqbYVtP6U5w5ScNfEQd4EIOTj_v9A3M1gpkza-kRp2wreat1KkIZxEZyJ2vYYX-sq3uyVBMqbl5Q0DeQsVmEVGzCe-fW-nwHmUHTwPbVXdX-511sc-MwDQNu8Agsgu0_NXYHGR51p4cAkDunaX3By_sQ-517kGjEy0I3p49JN61ABTxg7qJRsWoU9DbhgRhkSle1WO7FvC_udKopo8AtQ-6QJwbp14v72C6qNy9bIm8pvfy74Aiflu2jumVgkzj3DGXkrieUsbBrFLWpo-57tC-pJXBoBnu5qikx2WaOO8Xl8vvFNGuhHxhX_ozrhzYrDPfqLZSasFjt7C0AxPoReDzYSnfUS2JRHcXWIb5rQhn1ZbVGTKJ1SWvlZGLFTJG5f465bETIz9M0nYApJf0gjZOq5GKwn6pbNqaJS-06wWMbabUo9R3nReWj5lXwl5zWoQqkjE4GeJ-TAcreHKQbDFi5G2ukh4orJHMId9151VafQrbk5R1xOW694AAw8OO9w-jnSI40xGR8gVIHDtglQdRCvD--0Ah4YW2_tn2HM6mlgg2zfm2uaFKOREm7S7BQT1Sz-rkwynrvZIyIbrG1gbfLkDQ88irwX0Sr1M5ILj2mQcry-uKp8Qny7Pwc_mOx2PJsWuvxut80ZHRgoeudCG-SXBtXizNKsIY15K2CcSX2VovbCVQHnkgud2x__djlBYJnhA6cMi7x0Z3HlOzDgzNvnzu-UZAAImlhqHunjTwsQlj95JfIi5UjBhFloMFtBFXnSBFQGETCOLLk0CwULmOyXFAY_TClEdL5oTcKai7JgmA-W2Hh18FJ4YUcfzChSHA0X0Bo6BvuUO78o6sPEzh0maisWf67B0lhVUhHA53gT_FZQN3SXPNm27HraYSEvQoDMRcOYCA-4Vf2MbAwX-pPEVZ265s4PqQtAfXc6Oll8Q3vabVJUywcTDu_y--4ZxQc2KC_-u1-MQ68Pwkzz1myT8EWFRpHHKqWCxRNqn1WEG9vqu21oRoVfoenX8F3O2Czyl1lQOoiipdzJnf1XXJ44Qs2pcJZNfHsWYsvt6gwBG467sbAzKpFx6yrI8lqBj1xKNZRoc_czIOaeH7GzZqwI508g_DwxIQAaafWl2-9HGqev_n-zxlSvdQ3OaqwBxyj5YVDSnjpmbvoY4tMMaK8zPVzk6e4H6WdVgFwYkfXheRHHf8Vu2KjItIcAliYLf1WVpYvcDVoQC6PN33awKxlALns6JXMC3TqvUInNvYwUfc238unvi8divIDOnq5Ueq9n-3_r8s9E3JgMTZelmlvladVaymLN7FVX7SduxcZZtVR5Q6VUAfdpKdvfKwuvNW6r4oHNhHVnWWuPO0jNh4Dto1mu1hI5o2tim9W-p9SPkQL4fkiHfGcHHp1DTLkFgfARtvzOZBCfgby7-Ht-4PDCCPGj-WLGH2js0UHlK7OFm3y5r9-V427UeGKsFgTPycTwWpPUMVJWsDPJ1rcTUOu_DkGfojT1ZYwnINUSGEK4fHx4WbyCZ6ENSDOZ29TTdSaZ7NAvgc0dLjjY_WXIP_dVxfaqAcPr657IFls0diIlHtYV3PHW1EfG1mcWH2SkSCGMq6AdvQPeYXI_CM_NWhOLlHpUFs7PH_RMMkS_oAKICJ108UmByvaAQdRBYMs0fKJbHYLxuBzgwk0f81oaBcav1Y7C5wjuAPYspu2BjKEm7UKy5fKNWSKfBx7WPWke4CvJHSq58mGWD3OvR2t2FqOvk7MG5HX4G8p8LNEaChlNonmn6hjj-0Z4r-_NjBf3PFuN6Uspf8gtYJsg84CGmN3US9Yj-iO2byZcYAthoLzwNhIohlDAdhA6dBlPSzpGB5PYxZs_iexheyPrDaPevah4TrbNjogdBr32fE4ux1PVvGXUQGoqgdIj0UkR15Bg6zNxjYIBjmA2LJbZJDs9uyMGmTSEz9Hcdy-AG42ELWXK6UKLR593rx1GjhonP1D9qP9hMQtAXaS8loAd8En2CFqgGtns8hOdq-Avfya-frEBPN9J1jfyLHdvkxUwpGIKDwE9TGt3TKpFGiPnwvpZ-yDEOKoOjZQrC62wRaAZYqpRC1bl80_h0IAEoPQ8jkoBMNgQuQuoJzYjYEj5Zj8ZGzHSt0RGGgnxlMg5bv4WRw_GyJZ3esaXu15lXPvG5IZDdRL2BHDAuVO4GQOsUeJ-Y8eVN27GIO_kKI10&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&rfl=2%2Chttps%253A%252F%252Ftop4top.io%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 16:52:05 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1FB7 41 KB
15 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:52:05 GMT

GET
DATA 200
OK truncated
/ Frame 0620 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0620 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7d844eace1b90f829b264a504eb83ccd31f4aa880512b07a2695ea24e3b35a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1995364009317599597
tpc.googlesyndication.com/daca_images/simgad/ Frame F3F2 12 KB
12 KB 38ms
36ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1995364009317599597?w=180&h=320

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66ca272889403f0f7fedec48b94d02ce3a9ce58ea85dee4911de8c752ff82f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:13:32 GMT
x-content-type-options: nosniff
age: 282560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12583
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 01:11:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Dec 2022 07:13:32 GMT

GET
DATA 200
OK truncated
/ Frame F3F2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b2e04389100484b397542eb55e204773c6c0280c1ca528c01aca10fddd8a924

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 269F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
34ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:52 GMT
expires: Wed, 21 Dec 2022 13:42:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0620 0
17 B 86ms
67ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8oDLWg2jY9uQOYqa78EPoberkAr1nPqFbt_n_-qEEdKsq-2OOBABII6Mgnlg-wGgAern37kCyAEBqAMBqgS9AU_Qpv0hyLbohi7R22eKblkDpVz-IBC78KPSSh_hdusfvxNeJM21o-a2s3McAmF3GqYvHZODKa6aIv1mgSpGA7-ucRt2yAWr633ruicw_M1Sk4C972HdjeER1B-iUfVKpeBSHcTYGqyMy3IyvINnz2ZddEf3n8J_B0U10YeeEmRIaCCsQZABdsvYcl-GiFJxdC59U_u83KpSIMcsZ7bt3x3oJ4aLHL5k4xIIm953cfmFD_VScHX5oDRcgWDvVcAEs-rR06QEkgUECAQYAZIFBAgFGASAB_uEgtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQnlPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03OTc0OTAyNTIwNzYyMDIzGAA&sigh=qzP2gR6m-pE&uach_m=[UACH]&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&template_id=5020&vis=1

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 13:42:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 14AB 36 KB
16 KB 70ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:52:27 GMT

GET
H/1.1 200
OK index.html Show response
eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/ Frame 031F 92 KB
7 KB 63ms
16ms Document
text/html 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/14343190/Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90/ad/script?GDPR=&dspId=19310113342&GDPR_CONSENT_755=&z=1671630170936029&URL=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=ClJExWg2jY92QOYqa78EPoberkArK9NmDbrGD9q6CEbfaor3AARABII6Mgnlg-wGgAayhl8YDyAEJqQJnVYqH7daxPqgDAaoE3AFP0D4HqXI0HawheDQvnd2mRAx_NH7f_Rx0kET6JvIRS0qU9FNzq9w2AoPliQXNn8ro7N4Rjj5jdyF-1WMDiiXrCzkC5OnIr54syuLfU1OKTNHw9wbLPF7F1BtBrkUkLle7MfCOCUChDJIx5GZsWmBS6x9uKWBshBiJ60F3Al2l7yCDy4SnZkIIVS4BmKt0H3TZIc78aaB84D7veXm8LFJgEan4mVCnQrcy-UWau0l_iXHzvgEIUeAlSVuug8cOVjifR_gD0jEveYGR6P9A0d_zDJQZxCDSXz0cQesOwASW9I7xnQTgBAOQBgGgBk2AB7ze6DmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE96L0xHQEwDYEwrYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&sig=AOD64_3rhcNaTWESucDC-4SA45wUH_Vn4g&client=ca-pub-7974902520762023&dbm_c=AKAmf-AoyzAbbl8af0NDX5V7YW2uyVO45qMeO10YwMBXfwqAIxCMFOPcj0HdLWBf3Yo9k6gwK926-eOxovFmQMp9PxeOBjvmsioBZZBROYTUx1ugDRuV2p9WidRtBoxORz_3ck3FUlSTsJtpIZrYI-1ukQxqgBckbh9zF8X6J5bkEMgFdiZf7h4&cry=1&dbm_d=AKAmf-Bm7YKnloN5H2moXR8YQvabQ49PlYLo_3hFeVeBv3JYlzPgp4qQAmWyT_s7zzK0qhiUjlpCczocIAPObKVYT7CxKc6R6wixlZd9OgDZF53bUsdwSqb3gjv00Ol2TE8IRL86btA_Hg0R9zZQn_JBSqsoVMcrBuYr0BBBMRgYdDgDGyyybCmBi_r10zG0sdR90FMJWgmD9i0I10yipXyHx4tAC8SjDAAmpo3Ad007x8Ovlo1pWkr3m-0LFhsNzfKstShbB8TPuBdPd45UWngj98Xw8lCD5Zb7I2PQ_LhLTKpM-e2reUNiVIOV3rlYS3X6FIiCz4VByEdfhtjxN94-kydm3CYCwX8sX8GiGppGV5k6inx460YeBiZkLTIXclL8JsXmbc9ebJQYeB3YD3iSuN8khB4VsIoOQYkjdm_uyt8iyF3QGtw_EZBHRgCMu6AOnBI3Ut66jRGwghjTxiLfjNY9J6N3d2YdDReS9pWGWOoUAvuSHd9MTPngMcH3FjogR4ag2M5sjX7VF0XQrl0xGFGdxWrY2A&adurl=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

41b76d43c43e3b264d20a9de0b572a86bd9f091a0048d4b627a0775376c6e211

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-length: 6656
content-type: text/html
date: Wed, 21 Dec 2022 13:42:52 GMT
expires: Wed, 21 Dec 2022 13:47:52 GMT
last-modified: Wed, 16 Nov 2022 09:58:03 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame 1FB7 43 B
341 B 47ms
15ms Image
image/gif 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdShow&tk_campaignId=2022_CanalPlus_BETC&tk_cartoucheId=Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90&tk_ui=XVxnIYE1Ee240V2zbWQQMQ&tk_ip=37.59.164.96&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&tk_urlClick=https%3A%2F%2Feu.adventori.com%2Fcreatives%2Fcanal%2F202011_fusion_MT%2F728x90%2Findex.html%3FquinconceRules%3DTRUE%26segmentAboAppnexus%3Dfalse%26cibleSegment%3Dfalse%26testDmpBoolean%3Dfalse%26adNetwork%3DHPH%26scenarioKey%3DGenerique_OSE%26groupeKey%3DGENERALISTE_MPG%26scenarioRandom%3DGENERALISTE_MPG-Generique_OSE%26device%3Ddesktop%26city%3D%26accroche%3DON%2520A%2520TOUT%2520CE%2520QU%27IL%2520VOUS%2520FAUT_!%26accrocheFinalKey%3DON%2520A%2520TOUT%2520CE%2520QU%27IL%2520VOUS%2520FAUT_!%26scenarioConcat%3DGENERALISTE_MPG_Generique_OSE%26ABtestScenario%3D%26rotationMulti%3D%26weatherTemperature%3D%26weatherCode%3D%26locationURLView%3D%26locationURLOffer%3D%26locationURLTunnel%3D%26tunnelOk%3D%26offerOk%3D%26viewOk%3D%26macroRedirect%3D%26typeTracking%3D%26dataAllSiteTrack%3D%26dataOfferTrack%3D%26dataTunnelTrack%3D%26dataAllTypeTrack%3D%26monthKey%3DD%25C3%2589CEMBRE%26scenarioTrack%3D%26visuelProgramme1%3DTOP-GUN%26visuelProgramme2%3D%26criteoPlayAd%3DNotCriteo%26multiActivation%3D-%26ABtestFrame%3D%26AbtestVersion%3D%26sId%3DN6600.3507563HPH%26cpId%3D26944573%26pId%3D323238193%26aId%3D515615878%26cId%3D163393056%26dspId%3D19310113342%26_stat_scn%3DGENERALISTE_MPG_Generique_OSE&tk_impressionId=XVxnIoE1Ee240V2zbWQQMQ&tk_acceptsThirdPartyCookies=true&tk_origin=https%3A%2F%2Ftop4top.io&tk_location=https%3A%2F%2Ftop4top.io%2F&tk_eventIndex=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

B26944573.323238193;dc_pre=CI_s79TrivwCFQVZ4AodbX0Blg;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/ Frame 1FB7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/B26944573.323238193;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;...
https://ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/B26944573.323238193;dc_pre=CI_s79TrivwCFQVZ4AodbX0Blg;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_chil...

42 B
63 B

99ms
45ms

Image
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/B26944573.323238193;dc_pre=CI_s79TrivwCFQVZ4AodbX0Blg;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6600.3507563HPH/B26944573.323238193;dc_pre=CI_s79TrivwCFQVZ4AodbX0Blg;dc_trk_aid=515615878;dc_trk_cid=163393056;ord=9130545711;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1FB7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3ea6e2ce96b70e932509364064c6970c95491358bef0c71d125a9fa03435452

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F3F2 0
17 B 70ms
67ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrVfJWg2jY9yQOYqa78EPoberkArq9reCbsa8zo7OEKe6vLLXNRABII6Mgnlg-wGgAfuXlqwByAEBqQJnVYqH7daxPqgDAcgDywSqBL0BT9AscLrokq7b-kTPQaN0xNK5BSwzgKmIOyNfrm_8Yx0FBhuLgJC5WxH5AVyjLwfZYuaUfaGIg1byRcTZzH7rfj9RWxtyljcMkOquFZDVquwBuMS3h4kbB8cg07cTGa5b7Oox-yWOohOCw4euQ5Je3vptOhe35DJ4hnX5tXRLD2AdEf014v8FbVJ_0BrJKvEvusf53VI3a5NJ4Bi--dTFyUiv4cjWwp81SWjSpVA4PyxbF-Rp_dI5mAX68MmPwASmnfySmASSBQQIBBgBkgUECAUYBKAGAoAH7efp0wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc5NzQ5MDI1MjA3NjIwMjMYAA&sigh=b-aRpu9PCwY&uach_m=[UACH]&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&vis=1

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Dec 2022 13:42:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6B3B 22 KB
8 KB 29ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 161447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:52:05 GMT
expires: Tue, 19 Dec 2023 16:52:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 73F9 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:52:27 GMT

GET
H/1.1 200
OK ADventori-2.0.0.css
adventori.com/lp/enabler/ Frame 031F 7 KB
2 KB 54ms
14ms Stylesheet
text/css 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/lp/enabler/ADventori-2.0.0.css

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

07fcd1d0da6fa7a138f398aa484b99cdad68e5731ae83d6cac8f498a0ebc9277

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 10 Mar 2021 11:13:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
content-length: 1830
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK main.css
eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/ Frame 031F 54 KB
6 KB 17ms
16ms Stylesheet
text/css 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/main.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

f580f4e01ad643065d644c42f77e3cf9b1f30239eec1f1e2180174405d2ff634

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Mon, 15 Nov 2021 17:21:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
content-length: 6229
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK ADventori-2.0.0.js Show response
adventori.com/lp/enabler/ Frame 031F 77 KB
17 KB 66ms
27ms Script
application/javascript 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/lp/enabler/ADventori-2.0.0.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

7b96cde7491c8bbf9a865074b6ce9c4fe53b6906c2ca7e2402c64beded814365

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/
Origin: https://eu.adventori.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Mon, 17 Oct 2022 11:43:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
content-length: 17163
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK engine.js Show response
eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/ Frame 031F 8 KB
3 KB 15ms
14ms Script
application/javascript 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/engine.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

7b68e8939b7040094f2eeadb31c02e04fe857b84f4b5765f5d9d7b72357db537

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 10 Mar 2021 11:26:10 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
content-length: 2151
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B3B 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:52:27 GMT

GET
H/1.1 200
OK CanalpDem-Ital.woff2
adventori.com/creatives/0_fonts/Canal/ Frame 031F 17 KB
17 KB 16ms
15ms Font
font/woff2 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/creatives/0_fonts/Canal/CanalpDem-Ital.woff2

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

4246d05086475c96f0b9d02ac602bfb0dc3cb3c48a1227f228f9af812a1555d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/
Origin: https://eu.adventori.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 11:26:06 GMT
server: Apache
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=300
content-length: 17268
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK Canalp-BoldItal.woff2
adventori.com/creatives/0_fonts/Canal/ Frame 031F 18 KB
18 KB 29ms
14ms Font
font/woff2 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/creatives/0_fonts/Canal/Canalp-BoldItal.woff2

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

2a8740fb1e83c0d4678272574b1a06c81ab9c2c493df97f4a35b45f437cae0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/
Origin: https://eu.adventori.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 11:26:06 GMT
server: Apache
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=300
content-length: 18204
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK logoCanalSE.png
eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/img/logos/ Frame 031F 5 KB
5 KB 14ms
14ms Image
image/png 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/img/logos/logoCanalSE.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

f3eafbd082522a95955a1d54d91c0ca4baa62390ccc2cda6aadf132590f1bcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 11:26:10 GMT
server: Apache
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 5174
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK TOP-GUN-190x90.jpg
eu.adventori.com/creatives/canal/202011_fusion_MT/programme_visuel/TOP-GUN/un_visuel/ Frame 031F 34 KB
35 KB 15ms
14ms Image
image/jpeg 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/programme_visuel/TOP-GUN/un_visuel/TOP-GUN-190x90.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

f3897c7a6f2adc68c8f66670d88af2c5f1f89b02733c32494b203c551566e1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 15:50:04 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 35248
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK logoCanal.png
eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/img/logos/ Frame 031F 4 KB
4 KB 31ms
14ms Image
image/png 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/img/logos/logoCanal.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

362be2650379d5cb998e478b479da58c91cf104f86eaa36f704015affe4c6978

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 11:26:10 GMT
server: Apache
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 3719
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H/1.1 200
OK 2023_new_packshot_canal_plus_ose_728x90.png
eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/img/newpackshot/ Frame 031F 15 KB
16 KB 43ms
14ms Image
image/png 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/img/newpackshot/2023_new_packshot_canal_plus_ose_728x90.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Apache /

Resource Hash

5a209bd2272e9a41ad6c7a3903cb165f280b592ac5b50cf9f72551aec3ffc2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eu.adventori.com/creatives/canal/202011_fusion_MT/728x90/index.html?_format=html&_dataSize=728x90&_confSize=728x90&_placementId=400133&_campaignId=16252465&_brandId=14343190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 25 Nov 2022 12:43:03 GMT
server: Apache
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 15769
expires: Wed, 21 Dec 2022 13:47:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 122ms
71ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98132d8a40febe115996b4f20f7b6ada5c3a27bdbcf02208688ef4f23c20c05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11160
x-xss-protection: 0

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame 1FB7 43 B
341 B 18ms
15ms Image
image/gif 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdCreativeLoaded&tk_campaignId=2022_CanalPlus_BETC&tk_cartoucheId=Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90&tk_ui=XVxnIYE1Ee240V2zbWQQMQ&tk_ip=37.59.164.96&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&tk_impressionId=XVxnIoE1Ee240V2zbWQQMQ&tk_acceptsThirdPartyCookies=true&tk_mouseEvents=&tk_creaInitData=1&tk_creaReady=1&tk_creaLoad=1&tk_creaInitDataTime=358&tk_creaReadyTime=393&tk_creaLoadTime=463&tk_adStartTime=11&tk_eventIndex=4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Wed, 21 Dec 2022 13:42:51 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B3B 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzSlxWw2jY6mSKvGKjuwPmYSpcAAAAAA4AeAEAg&bg=!EhGlEVXNAAYgquz3AKo7ACkAdvg8WtdvdIlI6xXkqyiH_20xFpn7cOrdw85rCfHZK-uVVWngx0c96wIAAACOUgAAAARoAQeZAyqkZUP3dg5vppCMkPE9gPeDaRjlF8Xh7fmlk1RKpD64M2dmdAk5Rnzzxc67P4O3weH--Jac8F52qm7NQg5Rws8DddnOVuUd0OdqwGV6yYVmfHqDBPBUeoAXQWEkcp1NU1MzVeexiPpeqi7ACBB5Uv9XwvE1OQnxpDXXC7Nb4JmxXgZAMclCCI8IP98JGP7_v3uiIzmQqgpfdu83GWWmeUdaD7UNH4elOd9agC7XnNBXWYATvwQ5Can2-AbTZN3uA43w5uiWlsJ9xdODvCEpHsCmbc5N4IpZ5IEl5g2YMrwXTuCdrfrImsz40MTGrPsCuqqktVs8939Fst33UbT1vzNR84COpzSjaFgpSsBKRWxA0F4jtqgvNp8VoG-j1488-3PfmwonBUDLoqyHDFnwgbL-z_9c2qfmvjNuTZhk9OaKq1IMVQpB43ZrGvxuT225FekMQl-G0x_78Y3anDmzf-rS80mUxmwMbu_LjQAjpNA2oneBiagBxE_p-hpT4L-VRcQPDKepPgd9oDplF5ScBR923ngdk2GYlpwb4__9VZOiSH6onv2WaShp7QIipWvu8u55YBKnLCsdaN54iAGWLBZc4t4OkKyajI49_voTOkF4nPP2o-tZjJ16q0bcT65zKdbbea4KGTznlHGAzOo4uBDkiTec0Lk2OhUQZCmrmvsrQhdIV5RfqFCI8KcAuuV35N06oG6C-bgucsnxbSyzG4GZPr3kuEKvm6V5nclxqDRO4CGAv9a9VHQypLYmFw9yPA0WKthhwxUiHT4gB17uF8zH6TxeA1u0aHAgjvTunCGdhcgNAX95lmQWoIH_WfbijftqFbrG7t6by57lTzctMVVwyuzayKYoI4j9T2d1_9FZaxeLk1Z3IVnVoVl2e_zuq7eBCBcgcgzLdubC2xT3dPDqSqj2c7oK8fCRSPoGsmmwMHZXd5gA2LyzAnVNOk9p0hm4OWk4A5RrzXZvWkeeqZREDHDefSvWqIY5VyREnkfZmBCWbmsnhoaJa9Y4JMoTYdQzsYnO03lLlFiFw3FQZLRsz16iwnss_ACuw2kDnbhklQ9AD9lcm5_oAtM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 13:42:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 14BF 13 KB
5 KB 40ms
27ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 11:39:52 GMT
expires: Thu, 21 Dec 2023 11:39:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8335 783 B
535 B 38ms
35ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4884ef581c86cab8f4093000fef95e7aa1f20ed735451d601c9686d0eba3e9cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sIFyIoVD5MgS0Z_HL3-7_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-sIFyIoVD5MgS0Z_HL3-7_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 13:42:52 GMT
expires: Wed, 21 Dec 2022 13:42:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8335 0
0 62ms
61ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4026386516525240&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 14BF 36 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 10:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:52:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 14BF 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RrVzWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 13:42:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0620 42 B
64 B 61ms
59ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqZhCeFvdVMyAcdyBD5t5krTfA7U-sdy3QMMoQ7ZzwZNL-bVbnKIXpXg8LW2qJ6t8wPagDmwiYtMmEYP5l6Wf1HgjSeE_j1bPkaoqn43KC5MJgXFae_wY7D6f7iRamuBsJfNBjLQ&sai=AMfl-YRwFIJaEgbJ4XcZo2D9P1gHxe6ImLQxU_b3X6fiMxC_iPc5fjs4vVqeN6ojPuxW6OofscfgZr-sxFJETZs&sig=Cg0ArKJSzD3GRo3wXCekEAE&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671630171417&rpt=543&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3F2 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh7d33zxDcV8fPn-mc_5_cd_j35DnFdjyDSwYZlIQMZ1d49UbHYeT6i1hx1cd6NfwMStY5YE6q24_7UqWL28f4bgLDG8xhQGv_In3QX_7Wkp4uPRIstLotWQr43nZ3CuaghcXyVg&sai=AMfl-YR8bWbs3d9rfvEkXiVvuVWR_vqqlNDA8tVKcVbcrclNnwycuzU7FeB4uWdk_qE_-zJJeQxCz5SNLBESDds&sig=Cg0ArKJSzFW1wdORP1WoEAE&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&id=lidar2&mcvt=1001&p=-90,0,410,180&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671630171420&rpt=572&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4FB4 42 B
64 B 61ms
59ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkzyAxqZa4fWaDoMDLy87jmjjFn35yMYSh-PF1Z4_20of9f0f9p8kCGS57D9JwcY2yxZ0XjXg7dnIg7QiUGmIZ27yf2bYcBIqlcxH-Go3sntFiHZ49OXGYnDGm1YEWu6dgYH4QqA&sai=AMfl-YTI1-kABR095BaKrUeQ93zE4VL3nXHX0pqHlqUPmt4-TN8rIXahKrfiKz8IqtO_d_7y-Wx6RdIgkUQsZws&sig=Cg0ArKJSzLWJgmEkyinqEAE&cid=CAQSGwDq26N9_FtUUK5NHh_XAw8LF67Y8NTMdcyXxBgBIBM&id=lidar2&mcvt=1003&p=0,0,280,1140&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1798011881&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671630170852&rpt=1261&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame 1FB7 43 B
341 B 16ms
15ms Image
image/gif 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdView&tk_campaignId=2022_CanalPlus_BETC&tk_cartoucheId=Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90&tk_ui=XVxnIYE1Ee240V2zbWQQMQ&tk_ip=37.59.164.96&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&tk_retailer_1=1&tk_retailer_2=area%3D50%26duration%3D1%26index%3D0%26priority%3D1&tk_retailer_3=method%3Dintersection%26frameMode%3Dcrossorigin%26nbNested%3D2%26nbNestedFriendly%3D1%26browser%3Dchrome%26os%3Dwindows%26intersectionObserver%3Dtrue%26sfAPI%3Dfalse&tk_retailer_4=1073&tk_impressionId=XVxnIoE1Ee240V2zbWQQMQ&tk_acceptsThirdPartyCookies=true&tk_eventIndex=5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Wed, 21 Dec 2022 13:42:52 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FB7 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX8eFmyCAx1VUqjJkiiS0U55B_OKDEiSE0sN_KFvQvaiS3SbJL0oviJA1yjipTvD1gPMcFhNIE6pLK9LKe6V8UThGthknBzBQnzy5qqf1tGiAWtDhUcFHCXg8Pc8XWU-uJLrvtjA&sai=AMfl-YTk2jSIKeWdn7vDfFYt3jLhFS3tY-GQrjp3J8GtpT-IfEXYJhQD9UmtpavAKvkxkv6jy3wYq9ZgcUrEoOk&sig=Cg0ArKJSzHUKQvm788StEAE&cid=CAQSGwDq26N9kbj7rqd3a5Q6LsSyF9mZqnSMsuczKxgBIBM&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=991,1000,1000,1000,1000&tos=991,9,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671630171635&rpt=791&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 13:42:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4026386516525240&bg=!7-yl7KjNAAYgquz3AKo7ACkAdvg8Wu2lPylDevKN_tPCHeFwEn-rUaJswHc0a0hXiFyy-8I6WsoRhQIAAACbUgAAAAVoAQcKAIRtVbDXJ2VjgXvK4dQY4HWvM-3-WfA2IjZ-WXzIgdXoz9MnpVow35VdLchJBaa7DGEXh4JO5d6shlayAflIl8DKg1SpI5RRW7HKxtkXIuD-8yaz9SynWs6Qs_4LDQNSH25uBpylTszHdqRGNYR93bDussxOlWAlWTkch-qYywLhomuJa9qZAuPkq_BWxrFQeqDmHIYXUmRnT4wkh2-tpOeXmkog1ASO_JkW15uz2ko1sLpcJqcSr5RFFh74qgnb2Tvsuc4q_OLlvcfqXJ2-95_p2fZOQbrvROH2ZyiwjZz7gWItfCaXo4j0goEfNzAvd45R-ADrJSvUds97gQLa_4MDOa0hNpOaLE2ehnjOxPnFdhI4aQGAZSE5w4GBYhU2v-vdNevfPMqS-zA5Gt6T3zxUBdh-SaJh59kT34ubOiBU_bjUBzL1xP4NbUFhFKpJP2i-FHHQghUZA-eZAuLFae1o9w5mqievHpS6-NZGRyp9zGf3s9TIC2HFsCbwGj6qBVcE-RHfvabm_S2bDtWmwiD3ULkxhtfaGCIpoDD2YyJgFR0rypZ_n70yHD_q0Uvjf240AvANUmQzIZ7d_lglsh6ZtnXlvhydZ95NXOF-maawDh6vE4k6cbHKw3KLsOCHfdjcOGEKuSw2_NJv2cbtYLv6-DykO-ljisWbGZG16Ee3kgQSNhsIrK4QvB-ggDN9oqxWlsal5uV6cI7AyRtk1Un6f6U4eW4PSAIcbUmIo6XSECQnbvjiAbW5-Md1K8PlHd5Nu7d08Xh-vVEsN_CtPyPgxvfFfQVa-yDQr36B3l49mBM60K-eBAni2J01v74qXNXTBkZRPKI_gn_hCoijVGa7tYW1IGciagJlV2EDI5pC3lZLsw7kkDnaVY3k_ANarTf3-qxo2e4imV0VdX7zgsue0nQJ5SaXMvnnYQHOSFuEVkIw8XgzYT4ZWRM5JFlWzQLVzorJXDSOW6ya5YV2EtOWCGA9vomdnn7FTP24G1zTHYW77pT0oWqOOfLuYLSP0DNPlJ4Dnacnw2fon6oICH3dmZrbOYlmVFQYOdJDzlY_-CJUnd1Qp2tl_P4WAFBp9eVZ0XKQpKUgRQ5XmvahFKuQVT3pMPZJbr-28kxTvCqlewSA_d4qIA-BmVsKEhXhBUhHUxpSGoNIKjcH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame 1FB7 43 B
341 B 18ms
17ms Image
image/gif 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdView&tk_campaignId=2022_CanalPlus_BETC&tk_cartoucheId=Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90&tk_ui=XVxnIYE1Ee240V2zbWQQMQ&tk_ip=37.59.164.96&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&tk_retailer_1=1&tk_retailer_2=area%3D50%26duration%3D2%26index%3D1%26priority%3D1&tk_retailer_3=method%3Dintersection%26frameMode%3Dcrossorigin%26nbNested%3D2%26nbNestedFriendly%3D1%26browser%3Dchrome%26os%3Dwindows%26intersectionObserver%3Dtrue%26sfAPI%3Dfalse&tk_retailer_4=2075&tk_impressionId=XVxnIoE1Ee240V2zbWQQMQ&tk_acceptsThirdPartyCookies=true&tk_eventIndex=6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Wed, 21 Dec 2022 13:42:53 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame 1FB7 43 B
341 B 34ms
24ms Image
image/gif 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdView&tk_campaignId=2022_CanalPlus_BETC&tk_cartoucheId=Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90&tk_ui=XVxnIYE1Ee240V2zbWQQMQ&tk_ip=37.59.164.96&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&tk_retailer_1=1&tk_retailer_2=area%3D50%26duration%3D3%26index%3D2%26priority%3D1&tk_retailer_3=method%3Dintersection%26frameMode%3Dcrossorigin%26nbNested%3D2%26nbNestedFriendly%3D1%26browser%3Dchrome%26os%3Dwindows%26intersectionObserver%3Dtrue%26sfAPI%3Dfalse&tk_retailer_4=3073&tk_impressionId=XVxnIoE1Ee240V2zbWQQMQ&tk_acceptsThirdPartyCookies=true&tk_eventIndex=7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Wed, 21 Dec 2022 13:42:54 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame 1FB7 43 B
341 B 15ms
15ms Image
image/gif 51.68.38.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdView&tk_campaignId=2022_CanalPlus_BETC&tk_cartoucheId=Canalplus_2022_HPH_CPM_VEL_DT_DV_OSE-GENERIQUE_IAB_5F_PCC_728x90&tk_ui=XVxnIYE1Ee240V2zbWQQMQ&tk_ip=37.59.164.96&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&tk_retailer_1=1&tk_retailer_2=area%3D50%26duration%3D4%26index%3D3%26priority%3D1&tk_retailer_3=method%3Dintersection%26frameMode%3Dcrossorigin%26nbNested%3D2%26nbNestedFriendly%3D1%26browser%3Dchrome%26os%3Dwindows%26intersectionObserver%3Dtrue%26sfAPI%3Dfalse&tk_retailer_4=4073&tk_impressionId=XVxnIoE1Ee240V2zbWQQMQ&tk_acceptsThirdPartyCookies=true&tk_eventIndex=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.13 , France, ASN16276 (OVH, FR),

Reverse DNS

f24.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Wed, 21 Dec 2022 13:42:55 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
top4top.io/	1970-01-20 08:23:22	Name: sid Value: GvTKmzPIrF16dGNiY7LrykkwhM1
.top4top.io/	1970-01-20 17:56:30	Name: _ga Value: GA1.2.617118704.1671630170
.top4top.io/	1970-01-20 08:21:56	Name: _gid Value: GA1.2.720587058.1671630170
.top4top.io/	1970-01-20 08:20:30	Name: _gat Value: 1
.top4top.io/	1970-01-20 08:21:55	Name: klj_40d147_downloads Value: 9nxiv
.top4top.io/	1970-01-20 17:42:06	Name: __gads Value: ID=1e2dd4a99ce801f3-22e6644438da002c:T=1671630171:RT=1671630171:S=ALNI_MbrEnJULgrY3ESczyD59VaffLx3dg
.top4top.io/	1970-01-20 17:42:06	Name: __gpi Value: UID=00000b95b74b71de:T=1671630171:RT=1671630171:S=ALNI_MaWMtoqL0NgxicM2Zb_I6bHONkSmg
.doubleclick.net/	1970-01-20 17:42:06	Name: IDE Value: AHWqTUk40HqaQsHGeMkWWq4GLb8YMrp0tr2aJUi6Lu-ctLJhc1dCujdli8esrtmCbcM
.adventori.com/	1970-01-20 10:30:06	Name: tk_ui_third Value: 1
.adventori.com/	1970-01-20 10:30:06	Name: tk_ui Value: XVxnIYE1Ee240V2zbWQQMQ
.doubleclick.net/	1970-01-20 08:20:33	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 17:06:06	Name: CMID Value: Y6MNW-EIq8uzdZlPE-ymHAAA
.casalemedia.com/	1970-01-20 10:30:06	Name: CMPS Value: 5277
.casalemedia.com/	1970-01-20 10:30:06	Name: CMPRO Value: 5277
.adnxs.com/	1970-01-20 10:30:06	Name: uuid2 Value: 342168130550551732
.adnxs.com/	1970-01-20 10:30:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTuqat.6!]tbPl1M>e)ZlrFUfJ+tGXxo7FVJ9(G4dDSd(93XQeJbD=N.T_.zt87ek>'bpRzqF1`b_%T)yA8H

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=fh0muIJNn-r_Z3c5LuT1AjUntCXt_FLyXKt4lvREySAvMaxw7zhYl6BC1AU9EhuitlIeK4JpgozfKc-BCk2Glw Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-7974902520762023&fa=3&ifi=4&uci=a!4&btvi=2&xpc=FG04TuaVgo&p=https%3A//top4top.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.fr
adventori.com
ajax.googleapis.com
b.top4top.vip
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eu.adventori.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.top4top.io
ib.adnxs.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.top4top.io
top4top.io
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.166
142.251.208.130
185.80.39.216
185.89.210.244
188.165.137.138
188.165.137.170
2001:4860:4802:38::178
2606:4700:3033::6815:589
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:400d:807::2003
51.158.152.62
51.159.67.135
51.68.38.13
51.68.38.14
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
07fcd1d0da6fa7a138f398aa484b99cdad68e5731ae83d6cac8f498a0ebc9277
09a3259106934713084ea8e90baedf51a931703f888958e019e6ab3b3eb6467d
0ac04386dbf43639bff254ccf7fef84b914820c6004acd2d35a175df703d222b
0b2e04389100484b397542eb55e204773c6c0280c1ca528c01aca10fddd8a924
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
2a8740fb1e83c0d4678272574b1a06c81ab9c2c493df97f4a35b45f437cae0c7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
362be2650379d5cb998e478b479da58c91cf104f86eaa36f704015affe4c6978
397c90fa27588d39ae946eb8ac00463847c0cc52b425033fa40b47e613c51027
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
41b76d43c43e3b264d20a9de0b572a86bd9f091a0048d4b627a0775376c6e211
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4246d05086475c96f0b9d02ac602bfb0dc3cb3c48a1227f228f9af812a1555d8
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306
4884ef581c86cab8f4093000fef95e7aa1f20ed735451d601c9686d0eba3e9cb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bda0d66a4e501a02733781de934a97ca0797e2a9e3f887abfc326806ceb0170
4e98c5099b87bd0a4bf2352f4e626f18727c7848a9c9bf1fbac65a3fdee88329
4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579519a45337eac0e5f4667d55218862dfc8b18b4767ad8636717c3ed7a6b634
58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
5a209bd2272e9a41ad6c7a3903cb165f280b592ac5b50cf9f72551aec3ffc2f9
5c5914e1822da06ed33f6d0a383060472c0b73703ba2537132e63dfc69bf4f53
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
66ca272889403f0f7fedec48b94d02ce3a9ce58ea85dee4911de8c752ff82f90
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
74e1fc0b37a4edab2bb9fe372328a428ac1caa4b06eb2eaecf390546e07eaa38
788559c056a4f64455d4208befee3e58bd6f5d4a92fdb4af84f0fdd23cc32278
7b68e8939b7040094f2eeadb31c02e04fe857b84f4b5765f5d9d7b72357db537
7b96cde7491c8bbf9a865074b6ce9c4fe53b6906c2ca7e2402c64beded814365
824e41e32948522e9654e614715e5f9d06c6b20ca392201df69537ce19594ee8
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3
98132d8a40febe115996b4f20f7b6ada5c3a27bdbcf02208688ef4f23c20c05f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12ccddf8043c4c95799057c2314523fa1f97303e4ec63a66eac054cce270b70
a2201015a5d844c2c4bc8e40daeb25500e962580e67776151d016d7d9086d94c
a28649315acaf52dcb3e1e8a0c316dbdee5ef7fc27638ab8c7fa1c4d637f4b5e
a28953ed5afed86c341b5b201d5ba93abd34ede7fcf2f21e8dc0e1be6c54cfc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60f90398750c832d435897bcd263a7b9dac3c581e55dfd5d04020ee1d849350
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae1283100f94ed1ce6247c17d2c152075d3fc0eebf74d08e3db8a449f82f197a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173
ba55961d7ac71561db39cb5be18d75ee12b453a401d3d7561b825664df464aa2
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c3ea6e2ce96b70e932509364064c6970c95491358bef0c71d125a9fa03435452
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c8fcd398393d808d59b78e97ffeb113acb9cd83967721e7e669f8b989661c3f8
c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc
cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c
d7d844eace1b90f829b264a504eb83ccd31f4aa880512b07a2695ea24e3b35a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3897c7a6f2adc68c8f66670d88af2c5f1f89b02733c32494b203c551566e1a3
f3eafbd082522a95955a1d54d91c0ca4baa62390ccc2cda6aadf132590f1bcdd
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f580f4e01ad643065d644c42f77e3cf9b1f30239eec1f1e2180174405d2ff634
f6f5a7624cad7f85235e89313ff3c3eefafd26507e55e20c8535bbf1359b24fb
fb8ccd10c556dcb7421499f352613282b90e89e2f28f06cd9bf6b5d8fe3c6769

top4top.io Open in urlscan Pro 188.165.137.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

94 %HTTPS

60 %IPv6

14 Domains

24 Subdomains

24 IPs

6 Countries

1708 kBTransfer

4386 kBSize

16 Cookies

7 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

top4top.io Open in urlscan Pro
188.165.137.170 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

94 %
HTTPS

60 %
IPv6

14
Domains

24
Subdomains

24
IPs

6
Countries

1708 kB
Transfer

4386 kB
Size

16
Cookies

124 HTTP transactions
10 data transactions