top4top.io Open in urlscan Pro
188.165.137.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://top4top.io//
Effective URL:
https://top4top.io/
Submission Tags: demotag1 demotag2 Search All
Submission: On March 16 via api (March 16th 2023, 9:31:48 am UTC) from RU — Scanned from FR

Summary HTTP 140 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 19 domains to perform 140 HTTP transactions. The main IP is 188.165.137.170, located in France and belongs to OVH, FR. The main domain is top4top.io. The Cisco Umbrella rank of the primary domain is 418764.
TLS certificate: Issued by R3 on March 1st 2023. Valid for: 3 months.

This is the only time top4top.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.165.137.138 188.165.137.138	16276 (OVH) (OVH)
1 3	188.165.137.170 188.165.137.170	16276 (OVH) (OVH)
16	2606:4700:303... 2606:4700:3033::6815:589	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	51.159.67.135 51.159.67.135	12876 (Online SAS) (Online SAS)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:9::210:ee05	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	35.156.29.78 35.156.29.78	16509 (AMAZON-02) (AMAZON-02)
8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	52.59.118.245 52.59.118.245	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	2600:9000:211... 2600:9000:211e:1c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.149.12.213 34.149.12.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
140	21

1 188.165.137.138 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip138.ip-188-165-137.eu

top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.165.137.170 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip170.ip-188-165-137.eu

top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::6815:589 (United States)

ASN13335 (CLOUDFLARENET, US)

s.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.67.135 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: par-223012.flapyhosting.com

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:9::210:ee05 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.29.78 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-29-78.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.118.245 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-118-245.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	463 KB
25	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	164 KB
21	top4top.io 2 redirects top4top.io — Cisco Umbrella Rank: 418764 s.top4top.io h.top4top.io	389 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	249 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	123 KB
7	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 305 fonts.googleapis.com — Cisco Umbrella Rank: 34	38 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	243 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 468 tps.doubleverify.com — Cisco Umbrella Rank: 500 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9831	111 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 381	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 729	2 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 29106	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 708	443 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 317	460 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31897	611 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	601 B
140	19

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net top4top.io tpc.googlesyndication.com pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net top4top.io
16	pagead2.googlesyndication.com	top4top.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	s.top4top.io	top4top.io s.top4top.io
13	s0.2mdn.net	top4top.io s0.2mdn.net
10	www.gstatic.com	googleads.g.doubleclick.net
8	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	top4top.io	2 redirects top4top.io
3	fonts.gstatic.com	fonts.googleapis.com
2	secure.adnxs.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	cdn.doubleverify.com	s0.2mdn.net top4top.io
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	www.google-analytics.com	top4top.io www.google-analytics.com
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	googleads4.g.doubleclick.net	top4top.io
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	h.top4top.io	top4top.io
1	ajax.googleapis.com	top4top.io
140	29

This site contains links to these domains. Also see Links.

Domain
download.top4top.io
twitter.com
t.me
cutt.us.com
0i.is
cutt.us

Subject Issuer	Validity	Valid
top4top.io R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://top4top.io/
Frame ID: EA2B8E8FE1E91D60FAABCA333CA79050
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20190131/zrt_lookup.html
Frame ID: 37C7BEE5EBAFA709FA041D79AD871D7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&adk=1812271804&adf=3025194257&lmt=1678959102&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Ftop4top.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102065&bpp=4&bdt=310&idt=122&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1212915722020&frm=20&pv=2&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177
Frame ID: EF85CA08454430EB323E3AF0FFF563B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102069&bpp=2&bdt=314&idt=203&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z7LH5z5GHt&p=https%3A//top4top.io&dtd=237
Frame ID: ADD17E7718DB2D8CE3B656DA35FF86FA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102071&bpp=1&bdt=316&idt=250&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EKfTJY8ror&p=https%3A//top4top.io&dtd=297
Frame ID: 9A2270F63D7B023BCF881774A0B0AC32
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
Frame ID: BBC7825566AAAB4A768A9C66F7A7B9EE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
Frame ID: 032420657C25A9A81502FF89CD9D2729
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
Frame ID: 84D5A108E423B8238C3EAAB48C2CE869
Requests: 13 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSh3zcUwi60fIgqtMjP96oZWZ_UzXliEs8vAlhwQdm9big1edmlj2LZKlB203wgvxlIBUFAvqibqprxMm_4hvrXTncCAlWn9X5Pq77KTqMqEPkYA_l2sygmtYfIMyebZpS-5kxKFazBfTcL_n2anXth34gIhpMkITsJIRG-vclyc1RI3-gsUFxpciWntBqPee4a3DXFMmkLXZlQZFTaYorcvOtdR7CdfkQfpwyhMTtIoBDPi-n77MclnVgLLrKCloYsoqaZ9upvUZ8iox9PpPp8SPuPJgZa8D9g_lhJfNQiHWXsZTGqrQPlSm1ctajzVR8RQggkCWgpSmaCwcZQNwXQ4_rlzzXyfYIPFkrXJwLrQURpc77oYXQRpkUJ4zbfdnvGFwDQH4iXf6T75qaNTpTTzrxd-b4NX3Re1zlMhKffdkfhwOnYu6nQJt8tw7HOzoP6Fex2dgnoVUkK5jfxfIMTHACD_0dYOpTSJfVaYLNgykRNM0MDD4X9nz4Azixu8UaoSayr-O-Yfuj6tK_PhiU6H_CUTy2_YqaHr7m9L-rDf4ySrwrtRb0e_szK3L7YZC3Sv_UEhxoF0Ssg8GkMwUSagL0HmBaU37Vh3d7RvABEYfAqvl0OEk18scOB5MSi3MZJVEClhz8w9JR7yECRwWm7E56w0gDB0iYVKmoLe4RO6GCBfNeM-2jho6EvBmqAd_wbR2ez8nxATr11uYMf2vrbJhS42pKseQm_Mz4bsPBw6K4MeOfl-pnNwu5HG7pgMl3FNcH6A-Q_gSi96tt5Fd42KWRJMrBYYrR4wgeuiEMaiN6y7jzirqTJWzf6-qaHMc4sOyMTnetOV1WKIMlzcPTSFeYhfJY7f-X1t3WUWUUkTO5QFwXmcoeayhSTEL3KqbGz2KJYSoZ87UVINfphZHK-7j7XrU8cWVhFoghf9mT7DmBeJ64vIF7chDowBidYZrMI8_ISibL9vHKOqtmNEva2GQQeTQaEBfxZU5m19e2JaF0Jza8IPM-8-RdId25eHn_GRxarXDVfQ&sai=AMfl-YSdtr6Lb37aeKe-gneB1AY6rhcm7YMjBuPXtvfPKXGLot7_r5v1_a_JfdxPK3uL2HAkkqjVKAZ04NW_cnhLQ1BAvlps6F6t5ea558AnHh_SqFmsp16QvlP6QlBq5X2jLR-oWPLtWbtpTrvFxBTaK3dhGn35JgToIQm82CoWJHOa4V01fwlqoip8nm0X7xXAOPcIlhW7Zyno8Bs2X6qmQD1FtzG7NGuBHkrjJP2u_NiKrvdRaitVHSBz9kpuy48SiaEcwN3MfoAotTosCLzEqpCgoxl9j1nR3JdqxXWZN3Zn4rhk&sig=Cg0ArKJSzMJQFCbYG9q7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: A255BADEAC03FF1F8FC7EC5903053B13
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 21F663303093CDF927C149B67EB47C3A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BBDD2DA8D85DC4535797607BC2341621
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C08E9B67B780759449EC277B8C6573C6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 427464781A98704778C4226305EB79F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 656AA30A9D8D54019E5B7174EEE7D70E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A51287582B368E210A36E274C0E59219
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
Frame ID: 45676DA66B2A96F5359E4807E119E576
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D6088DA9B9DA2CDD2A5143BE90762C38
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 23542E8BD0DD87B5D595A0CF4A99B5E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 0D4270D8E045B2909F8EF8107E8E9BEA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3574.js
Frame ID: DFF5DB644844EC55D775497EA81842B4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21A79CF99E066AB3C861FDE9C95612F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B718628B5B4B2D94EA0B4FF370A87705
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top4toP | مركز تحميل و رفع الصور و الملفات من الخليج إلى المغرب

Page URL History Show full URLs

http://top4top.io// HTTP 301
https://top4top.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

94 %
HTTPS

57 %
IPv6

19
Domains

29
Subdomains

21
IPs

4
Countries

1802 kB
Transfer

4593 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://download.top4top.io/upload-tool/
Title: حمله الآن

Search URL Search Domain Scan URL

URL: https://twitter.com/top4top_net
Title: تابعونا على تويتر

Search URL Search Domain Scan URL

URL: https://t.me/zSupport
Title: للتواصل الطارئ والسريع

Search URL Search Domain Scan URL

URL: https://twitter.com/top4top.io

Search URL Search Domain Scan URL

URL: https://cutt.us.com/
Title: الربح من اختصار الروابط

Search URL Search Domain Scan URL

URL: https://0i.is/
Title: اختصار الروابط

Search URL Search Domain Scan URL

URL: https://cutt.us/
Title: اختصار الروابط

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://top4top.io// HTTP 301
https://top4top.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://top4top.io/adimg-61?1678959101 HTTP 302
https://h.top4top.io/p_427vfh7e1.png

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cver=1&google_push=Aa02lx_-2jL_u17NXg6iBMJbdHyC46E3xtuw6Y5g7ulUO7z-VL-EgGaMGdHcsG0l7DM32eztGVQDwjkU14QknwpPAKfPZ-XAaI-RtOM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cver=1&google_push=Aa02lx_-2jL_u17NXg6iBMJbdHyC46E3xtuw6Y5g7ulUO7z-VL-EgGaMGdHcsG0l7DM32eztGVQDwjkU14QknwpPAKfPZ-XAaI-RtOM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZqT2RyaUQxUENKWHg1&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cver=1&google_push=Aa02lx_-2jL_u17NXg6iBMJbdHyC46E3xtuw6Y5g7ulUO7z-VL-EgGaMGdHcsG0l7DM32eztGVQDwjkU14QknwpPAKfPZ-XAaI-RtOM

Request Chain 106

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGe9B9iRVu1eOVw-13BjZxE&google_cver=1&google_push=Aa02lx9O1yshKeDZdeXwxKPeS2wF8hOehKNm49nWikEUWEjW18R6d-EGcQQbnKQx8uXTb3DF40DgeK_KDdHygaBt0LGm5Q2__lz9dA6E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9O1yshKeDZdeXwxKPeS2wF8hOehKNm49nWikEUWEjW18R6d-EGcQQbnKQx8uXTb3DF40DgeK_KDdHygaBt0LGm5Q2__lz9dA6E&google_hm=9-c9n1c6Q2q2FuReTUHfPhI

Request Chain 107

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgDz5lCUR50E60f-HLiW70&google_cver=1&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELgDz5lCUR50E60f-HLiW70&google_cver=1&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr&google_hm=pR4vb65cQfOT19TLNc-Fxg==

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECjltTm3DRgkr0xEolHchCg&google_cver=1&google_push=Aa02lx9phvtY3oSfYraO5VMO5D3sC211qhhRcW-7Vtkgw8vg0k-75b2_Gv4DcP85MWwyoe1xyndJR5WmvlLmloSaJOKyq2ta7hLTfsc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBV1dGS0wtNS1FWTk5&google_push=Aa02lx9phvtY3oSfYraO5VMO5D3sC211qhhRcW-7Vtkgw8vg0k-75b2_Gv4DcP85MWwyoe1xyndJR5WmvlLmloSaJOKyq2ta7hLTfsc

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_cver=1&google_push=Aa02lx_Agd6eCBtBjvOrXo63k-0NDIoSgGxhcbhKb8ZmfVElsUq1pbaZnRruGxaDbrkMlaTlTkW61DRVppmhEkwljJPqdgM37tKdVw8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_push=Aa02lx_Agd6eCBtBjvOrXo63k-0NDIoSgGxhcbhKb8ZmfVElsUq1pbaZnRruGxaDbrkMlaTlTkW61DRVppmhEkwljJPqdgM37tKdVw8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_hm=ZBLh_8H0c8_eMxLRWvSXCQAADRIAAAAB&google_nid=index&google_push=Aa02lx_Agd6eCBtBjvOrXo63k-0NDIoSgGxhcbhKb8ZmfVElsUq1pbaZnRruGxaDbrkMlaTlTkW61DRVppmhEkwljJPqdgM37tKdVw8

Request Chain 110

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDru1N6dztavpiwnDIPNmuM&google_cver=1&google_push=Aa02lx_6Pe3_3q_NMAA7AzAot5U_w-UdcOYFTTlQNKtFsZQJaMtiHE-so8cJCoIKrgrtI9IhZNhbDsgbLju0RS461F6XknHyNt80oq6H HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6Pe3_3q_NMAA7AzAot5U_w-UdcOYFTTlQNKtFsZQJaMtiHE-so8cJCoIKrgrtI9IhZNhbDsgbLju0RS461F6XknHyNt80oq6H

Request Chain 111

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHUP-Hg14KHYCv1_kxG8p1c&google_cver=1&google_push=Aa02lx9OU8iwKgSG2QgGVqRcnBodQrKfDDUe27GSsSco23iKp0NCodRxCYzwiGEQ_5f2frCIS_09xgjPTX7CnpqP1i9PRXjbkt3vGnsz HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHUP-Hg14KHYCv1_kxG8p1c%26google_cver%3D1%26google_push%3DAa02lx9OU8iwKgSG2QgGVqRcnBodQrKfDDUe27GSsSco23iKp0NCodRxCYzwiGEQ_5f2frCIS_09xgjPTX7CnpqP1i9PRXjbkt3vGnsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTIyMjEwNDUwMDQ5ODA5MTI5Ng%3D%3D&google_gid=CAESEHUP-Hg14KHYCv1_kxG8p1c&google_cver=1&google_push=Aa02lx9OU8iwKgSG2QgGVqRcnBodQrKfDDUe27GSsSco23iKp0NCodRxCYzwiGEQ_5f2frCIS_09xgjPTX7CnpqP1i9PRXjbkt3vGnsz

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

140 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
top4top.io/
Redirect Chain

http://top4top.io//
https://top4top.io/

22 KB
22 KB

171ms
124ms

Document
text/html

188.165.137.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ip170.ip-188-165-137.eu
Software: HotCores /
Resource Hash: 884e8ddcd857eb74f736b1d73a1e4ebfad9acd55cc8e5ac5c43d01f528ef6a5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private, no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Mar 2023 09:31:41 GMT
Expires: 0
I-AM: US03
Pragma: no-cache
Server: HotCores
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 16 Mar 2023 09:31:41 GMT
Location: https://top4top.io
Server: nginx

GET
H2 200 reset.css
s.top4top.io/styles/default-new-reg/css/ 675 B
945 B 78ms
25ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3259106934713084ea8e90baedf51a931703f888958e019e6ab3b3eb6467d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
cf-polished: origSize=1013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: W/"57e8eb5d-3f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbh3N1toUsxlT98HM499Ea0mBJqAW0n37HeFa6%2BPsBev6RkLsGlRqMv3lT2Krwe3DYDjgyz1vxUs2DSZz%2Bfeg6G8axhXZxPMhQsQKkouqnVIvNBpUCwOjlOVfgi19aL%2FOt4HRFljqDl0CUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc12591ff100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 stylesheet-3.3.css
s.top4top.io/styles/default-new-reg/css/ 18 KB
5 KB 83ms
30ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28649315acaf52dcb3e1e8a0c316dbdee5ef7fc27638ab8c7fa1c4d637f4b5e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
cf-polished: origSize=23881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
etag: W/"5e0bab24-5d49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pdg3fz%2FdttcVL%2BhDUKQP7WW6fsMTVaeY4yYMRkmtp0PaLuw5bDxBk3MZaxZK%2BhnGfKnFuNGx3q4v0sc73JPqq%2FO%2BSbEh1X0XqkJv9wnRU8UXGp8A3%2FYVQmir%2Fiyt1AX9P3huaav8yljFY0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125920f100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 bootstrap.rtl.min.css
s.top4top.io/styles/default-new-reg/css/ 111 KB
19 KB 84ms
31ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a60f90398750c832d435897bcd263a7b9dac3c581e55dfd5d04020ee1d849350

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: W/"57e8eb5d-1bae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=589U32urZJC2RbaxW760cSjmh3gvLkjUVuhmB8rGWWfhSsbaixXSPkAT8Ntkd9dmlSRblkJp2kVuIDDCXpZF3hS3Da%2BAmwBPTry%2FY7c18st7q2wTEQJACSK7VJjQk%2FAHfStxpQPr%2BNwtbCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125921f100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 font-awesome.min.css
s.top4top.io/styles/default-new-reg/css/ 22 KB
5 KB 79ms
26ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba55961d7ac71561db39cb5be18d75ee12b453a401d3d7561b825664df464aa2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
etag: W/"5e0bab24-578f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4tdFUmyHp2UpEcuIYdxnQkn2GpVp%2B0uBKrluJhkDC2Ci3tkIjfB%2BIqmPOyEbSrU6%2BNCKwyNYEq2I0mAaTD9RIEde6EcGbvbrirExsEHKssseg04i4HhkyJbtZs0PuYQRv8BYtDEcXU5ViE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125923f100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 animate.min.css
s.top4top.io/styles/default-new-reg/css/ 52 KB
4 KB 81ms
29ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: W/"57e8eb5d-d0b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyuEXePmzgwadztchNT5rUzufhpWKjCTUlHdVZ%2F4P9q7lIQuyj54qKZuYcjbyr3I0IYOxcfxMDyxkNZPmV7orJQ%2B%2B%2FBXlhlB76%2F0yMvQjMULeEJUcrtsBokaccD%2Bcu0nXQGC3r0pNDsfhuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125924f100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 fonts.css
s.top4top.io/styles/default-new-reg/css/ 411 B
490 B 80ms
28ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
cf-polished: origSize=487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
etag: W/"5e0bab24-1e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqggJASBmOrztUTN2IK%2BlFKug0EqI2vtrF9BAbMkXHja0EXl7iNoOhBn%2BTrDjlpNqrXW9KlbvjuBGiCwnAt6113aR%2FnsP508uPslrgm3OuT6LkIIta5BYlU9ZJ%2B0zhK6nHd%2BCtvgAOnEpfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125927f100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 the220px.css
s.top4top.io/styles/default-new-reg/css/ 9 KB
3 KB 78ms
26ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28953ed5afed86c341b5b201d5ba93abd34ede7fcf2f21e8dc0e1be6c54cfc6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
cf-polished: origSize=11662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
server: cloudflare
etag: W/"58cb25b5-2d8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmHioOVKR1OvZ1Ct%2FmideLft250LrtJB98oPEXCpO6ow%2FzGhk4yNVsRuq5dF0jeU8nssFOjLnibcUGldy1X%2Bt1wSaJDZ19%2FHNcxK5xT19BCA5fi57CEOdjosTWb%2FV7pQDC57ZiXMKFlGlh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125925f100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 19:36:10 GMT

GET
H2 200 bootstrap.min.js Show response
s.top4top.io/styles/default-new-reg/js/ 34 KB
10 KB 98ms
46ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: W/"57e8eb5d-875d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc75x0vuFrRklWaUC9H2mW7s2HrdCV3yvfHw28JJpyW0LfNKgmCKfPo2g4gKkFerDNNHZkw7y0SFit9zIdv9EaTNyHamoKTp08ZbxYAp7hXJm3XKdT4w%2FkMZ%2F46WYeuOmSn2XPj%2BJwUWE3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc12793ef100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H2 200 the220px.js Show response
s.top4top.io/styles/default-new-reg/js/ 474 B
599 B 93ms
41ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 556762
cf-polished: origSize=562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: W/"57e8eb5d-232"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnKXheo3SzJN6O%2FOfptHPTI8TvWu34UDRCjL4Tp7h2feFlBEdFwYgXqrjm0bYFSU4Ju9R%2BacSyZO3Or4zP3eUmtZTeCZyoHkioE%2Fmqj5w7bcfNYy5Z55tZNmXPOuYu9a8SLAyRm6WYXeu20%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc125928f100-CDG
expires: Thu, 16 Mar 2023 22:52:19 GMT

GET
H2 200 javascript.js Show response
s.top4top.io/styles/default-new-reg/ 6 KB
2 KB 95ms
43ms Script
application/javascript 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/javascript.js?rev=47
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
cf-polished: origSize=16039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: W/"57e8eb5d-3ea7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsvNiRxdoCaENC9xBUuMXo0ChBy7m1CGdIPX9BhaCmC16pZJRHpnqwzZzy5FRTAjItZ3iZ7NiQ5%2Bx81KS3wUw9XXrlbPHzDyfnGF%2FZ%2BrbCknTM0YDlBliVqZFbY94dh2SfLHrMFfutnfDm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc12793cf100-CDG
expires: Tue, 21 Mar 2023 13:24:22 GMT

GET
H3 200 newlogo.png
s.top4top.io/styles/default-new-reg/images/ 19 KB
19 KB 26ms
26ms Image
image/png 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/newlogo.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159024
etag: W/"57e8eb5d-4a7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pw%2BqrEv3hjXc7jmn5767A33WRB0sGaMNv7s3J5r%2BmC3bICC1LvTQ%2BhaClp%2BaVlzSoj2PoxLz5QfmVF5%2FxDet1jc5uyYRAA0B1jVBPgAbUMkQWf%2F6vbL1yL3fq7YqDb7dxdoLYH2HLviaimc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc12ce45d536-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 13:21:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 121ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f05d189ca32eaea20ba5cbea1217952fc5b452fe850e05b3a1d1272cbfd2153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48592
x-xss-protection: 0
server: cafe
etag: 13410600396420938858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:41 GMT

GET
H3 200 loading.gif
s.top4top.io/styles/default-new-reg/images/ 32 KB
32 KB 32ms
32ms Image
image/gif 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/loading.gif
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147450
etag: W/"57e8eb5d-7f15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrYt1pOndZRlidyY49xUJHOL8JGDJxkdtuFD5%2BiRgH4tNWeSSnhJ7b8AiHoHW%2BpZoJs9lBPOlD2T6%2BfY4HGGZcqwQBuMja8gJ948yiWdIwSvJmlFZUJ33waT7YdhXhGpjf16LiW%2Buv3ZuoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc12de4bd536-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 16:34:11 GMT

GET
H/1.1 200
OK adpull.php Show response
top4top.io/ads/ 337 B
489 B 96ms
95ms Script
text/javascript 188.165.137.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://top4top.io/ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=7787112109
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.137.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ip170.ip-188-165-137.eu
Software: HotCores /
Resource Hash: a40441867f5b970ef12f54fd7292218aab8e9825a09aa6c720f239d311660ce3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 09:31:41 GMT
I-AM: US03
Server: HotCores
Content-Length: 337
Content-Type: text/javascript;Charset=UTF-8

GET
H3 200 soft.png
s.top4top.io/styles/default-new-reg/images/ 40 KB
41 KB 71ms
71ms Image
image/png 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.top4top.io/styles/default-new-reg/images/soft.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159024
etag: W/"57e8eb5d-a120"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHB7rEnmYiSLQs%2FY0Dt1ath1y1cVhlFrIqJrKN8KiRwkbnQz8%2BzmBdAYTeBU4OTDJdoTnUaR8HhoiI5nTGnXbu%2FGf4%2FpWYMoNerlbLfQJdfFglPOtLEcrigZvISolWG6uDzOQAnoXTh5CEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc12de4cd536-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 13:21:17 GMT

GET
H2 200 fonts.css
s.top4top.io/styles/default-new-reg/css/ 411 B
542 B 25ms
24ms Stylesheet
text/css 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158838
cf-polished: origSize=487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
server: cloudflare
etag: W/"5e0bab24-1e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BDn4iX37NjcYTy3g6T7%2FenRr698aknJM68IHuYPN9H57%2BEdErU5SES2c8a5WW89U%2BiMq7Pa4Si2IOceruzKniWTt76LnwSdSpqY6dbW0yVOsahGI4DGRDkAMvbChFVP2FhlQQsDWUz9St4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-ray: 7a8bfc129951f100-CDG
expires: Tue, 21 Mar 2023 13:24:23 GMT

GET
H3 200 NeoSansArabic.woff
s.top4top.io/styles/default-new-reg/fonts/ 115 KB
116 KB 51ms
25ms Font
font/woff 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/fonts/NeoSansArabic.woff
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788559c056a4f64455d4208befee3e58bd6f5d4a92fdb4af84f0fdd23cc32278

Request headers

Referer: https://s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
Origin: https://top4top.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117704
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: "57e8eb5d-1cbc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Is2bccoPSGxJ81FYGnjzOOhjezlouC4QOYwwVSr2nqPYiC9s7D07f2FH89lVvWV3ozfNlJrW9U6M%2FjqiAKnoevPZZ7gPg9ago5Vad4NqSJSG1VIhCqe51Run0cSU%2BrP6u1HxAhSd5CS4l8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7a8bfc130ef1d5a8-CDG
expires: Tue, 21 Mar 2023 13:24:05 GMT

GET
H3 200 fontawesome-webfont.woff
s.top4top.io/styles/default-new-reg/fonts/ 64 KB
64 KB 62ms
40ms Font
font/woff 2606:4700:3033::6815:589
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.top4top.io/styles/default-new-reg/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: s.top4top.io
URL: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:589 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
Origin: https://top4top.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
server: cloudflare
etag: "57e8eb5d-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4F%2BdM7Z16EPXien%2Ba4ynfwnQgmhjGytvaKAX4jj81S6G5sDKckbdhVfp2%2FiWyNCnxtzB5IYJgSyyu5dOKlw8aVwDNLq8kHT78noR3ZeQT%2FuJPBjw5vTUD06Zu66M1POSW1IDmPFnP%2B5Yys%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7a8bfc130ef0d5a8-CDG
expires: Tue, 21 Mar 2023 13:24:05 GMT

GET
H2

200

p_427vfh7e1.png
h.top4top.io/
Redirect Chain

https://top4top.io/adimg-61?1678959101
https://h.top4top.io/p_427vfh7e1.png

42 KB
43 KB

195ms
130ms

Image
image/png

51.159.67.135
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_427vfh7e1.png
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: H2
Server: 51.159.67.135 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: par-223012.flapyhosting.com
Software: nginx /
Resource Hash: 4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-file-id: x16233079x
date: Thu, 16 Mar 2023 09:31:42 GMT
last-modified: Fri, 03 Mar 2017 15:22:29 GMT
server: nginx
etag: "58b98a35-a905"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="427vfh7e1.png"
accept-ranges: bytes
content-length: 43269
expires: Thu, 16 Mar 2023 11:31:42 GMT

Redirect headers

Location: https://h.top4top.io/p_427vfh7e1.png
Date: Thu, 16 Mar 2023 09:31:42 GMT
I-AM: US01
Server: HotCores
Content-Length: 3
Content-Type: text/html; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 90ms
26ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Mar 2023 09:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 729
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Mar 2023 11:19:33 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 365 KB
121 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7974902520762023&plah=top4top.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

185de71d471b0ab56f8b2bfdfb1a74f93ca2a70e7d06603bfdde7c210247501f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123401
x-xss-protection: 0
server: cafe
etag: 11372152547800261545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230314/r20190131/ Frame 37C7 10 KB
5 KB 103ms
32ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230314/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 20258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 03:54:04 GMT
etag: 2378337311435320485
expires: Thu, 30 Mar 2023 03:54:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
204 B 37ms
35ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=944656424&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2F&ul=en-us&de=UTF-8&dt=Top4toP%20%7C%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D9%88%20%D8%B1%D9%81%D8%B9%20%D8%A7%D9%84%D8%B5%D9%88%D8%B1%20%D9%88%20%D8%A7%D9%84%D9%85%D9%84%D9%81%D8%A7%D8%AA%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC%20%D8%A5%D9%84%D9%89%20%D8%A7%D9%84%D9%85%D8%BA%D8%B1%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=219529306&gjid=446010207&cid=940131322.1678959102&tid=UA-9340508-1&_gid=343785174.1678959102&_r=1&_slc=1&z=1651557820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top4top.io/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://top4top.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 146ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=top4top.io&callback=_gfp_s_&client=ca-pub-7974902520762023

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7974902520762023&plah=top4top.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f242efc3874d0c6b2acd4cc6b376e8eef5e0763acc03b5cf997cd533ad35ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 130ms
51ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 185ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF85 400 KB
74 KB 285ms
282ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&adk=1812271804&adf=3025194257&lmt=1678959102&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Ftop4top.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102065&bpp=4&bdt=310&idt=122&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1212915722020&frm=20&pv=2&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

072431ea5a7acc31d372789d456ddd7980fdfebd7ca917e4dbf988ef58abbf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75881
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:42 GMT
expires: Thu, 16 Mar 2023 09:31:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADD1 90 KB
32 KB 381ms
378ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102069&bpp=2&bdt=314&idt=203&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z7LH5z5GHt&p=https%3A//top4top.io&dtd=237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78e808734a59eb53f14e50336bf18ad92b4e8bdd0d7225b59d6ce55ee1022286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:42 GMT
expires: Thu, 16 Mar 2023 09:31:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A22 93 KB
37 KB 289ms
259ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102071&bpp=1&bdt=316&idt=250&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EKfTJY8ror&p=https%3A//top4top.io&dtd=297

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ffbeaf86cec2d9c2bdd40121202d5294eeed5433b94fa8a1a126fc7ed058c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38171
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
expires: Thu, 16 Mar 2023 09:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame ADD1 6 KB
1 KB 111ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102069&bpp=2&bdt=314&idt=203&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z7LH5z5GHt&p=https%3A//top4top.io&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:05:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 09:31:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame ADD1 2 KB
846 B 109ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame ADD1 22 KB
9 KB 100ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame ADD1 3 KB
1 KB 74ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 20:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 20:17:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame ADD1 20 KB
8 KB 105ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADD1 158 KB
49 KB 113ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:42 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame ADD1 34 KB
15 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ADD1 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw6_K_uESZL7_FcWY78EPwZSHqASUtafCbtjHqNH9DqnypfOpDxABII6Mgnlg-9mQg7gKoAHIsanNA8gBCagDAcgDywSqBMQBT9DBu6YO_SieekBZQ_pM0NUblRx_yQ5Z-n-7_SEZTzTrjflB-Nn1ihKyrdYU6cNpH70Wcumnd3sB3rbaZf_LnOgjRGF4ec_6wr1CdK6yxpLUbfdNpNfmlZIJxfzpzzQ_NAyyu6TdVdXzTxpVwCl0cLqYPDOOXt950rmznkkpHultrXS_5jbFlAiObc9Xu8ZDQCTV9TRfJyliuSzdvjiGMN6GZBs5yOQnNxvrTa45_no88XuKssVPlU67PDmr-0l0AoAocsAEudDj7eoDkgUECAQYAZIFBAgFGASgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBClgGbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFATQFQGAFwGyFxwKGggAEhRwdWItNzk3NDkwMjUyMDc2MjAyMxgA&sigh=KLdo88bEm3o&uach_m=[UACH]&cid=CAQSGwDUE5ymgjjGtBXhvZ6umphyS47nZvzC_rx6TRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=9265664435&adk=1798011881&adf=3330382181&pi=t.ma~as.9265664435&w=1140&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1140x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102069&bpp=2&bdt=314&idt=203&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z7LH5z5GHt&p=https%3A//top4top.io&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Mar 2023 09:31:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Mar 2023 09:31:42 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 149 KB
51 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3bf67eeebc9f9af60b38d8fe6a808e7e8722982c72c6867d68e05582c311143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52049
x-xss-protection: 0
server: cafe
etag: 9895840493547053763
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:42 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8984929922883291686/ Frame ADD1 5 KB
6 KB 77ms
48ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8984929922883291686/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5c02a9cc1535fce55c447bf2d55b43709876611f771e4cf75386760f526ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:00:38 GMT
x-content-type-options: nosniff
age: 268264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5612
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:49:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Mar 2024 07:00:38 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/841684701835869913/ Frame ADD1 2 KB
2 KB 79ms
50ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/841684701835869913/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1490aad284b9af37c925810fe6cad4bf2b972ffbf906462c0e391d3218bd1224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:00:42 GMT
x-content-type-options: nosniff
age: 268260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 11:20:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Mar 2024 07:00:42 GMT

GET
DATA 200
OK truncated
/ Frame ADD1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91dcf01cdf88e9b126022fd8d28fe61a13017d83bce2de6a8a69b4d04a1aeba9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 39ms
34ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 39ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top4top.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/ Frame BBC7 10 KB
4 KB 27ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 11:22:11 GMT
etag: 2378337311435320485
expires: Wed, 29 Mar 2023 11:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/ Frame 0324 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 11:22:11 GMT
etag: 2378337311435320485
expires: Wed, 29 Mar 2023 11:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/ Frame 84D5 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 11:22:11 GMT
etag: 2378337311435320485
expires: Wed, 29 Mar 2023 11:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame BBC7 4 KB
732 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:45:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BBC7 205 B
519 B 27ms
25ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 08:49:38 GMT
x-content-type-options: nosniff
age: 2525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Mar 2024 08:49:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BBC7 604 B
694 B 28ms
27ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:15:09 GMT
x-content-type-options: nosniff
age: 994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Mar 2024 09:15:09 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/ Frame BBC7 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 16448057571289220057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:35 GMT

GET
H2 200 0f98ab093493e21e6a1e2127137795a3.js Show response
www.gstatic.com/mysidia/ Frame 0324 10 KB
4 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0f98ab093493e21e6a1e2127137795a3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 04:45:46 GMT

GET
H2 200 ec50de85495f28590e259a5bfc1feac2.js Show response
www.gstatic.com/mysidia/ Frame 0324 11 KB
5 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ec50de85495f28590e259a5bfc1feac2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d12fcbeb7624beef6c90755330fd5dfc2fd155c8e1f596129c9531821c5a85be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4795
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 03:40:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0324 8 KB
968 B 38ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:21:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0324 2 KB
804 B 33ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame 0324 22 KB
9 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0324 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 20:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 20:17:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0324 20 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0324 158 KB
48 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 0324 34 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H2 200 0f98ab093493e21e6a1e2127137795a3.js Show response
www.gstatic.com/mysidia/ Frame 84D5 10 KB
4 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0f98ab093493e21e6a1e2127137795a3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 04:45:46 GMT

GET
H2 200 ec50de85495f28590e259a5bfc1feac2.js Show response
www.gstatic.com/mysidia/ Frame 84D5 11 KB
5 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ec50de85495f28590e259a5bfc1feac2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d12fcbeb7624beef6c90755330fd5dfc2fd155c8e1f596129c9531821c5a85be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4795
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 02:16:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 03:40:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 84D5 8 KB
968 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 84D5 2 KB
799 B 33ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame 84D5 22 KB
9 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 84D5 3 KB
1 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 20:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 20:17:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 84D5 20 KB
8 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84D5 158 KB
48 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 84D5 34 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADD1 15 KB
16 KB 95ms
26ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 555757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:09:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADD1 15 KB
16 KB 99ms
33ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 523535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 08:06:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADD1 15 KB
15 KB 118ms
54ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 588367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 14:05:36 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9A22 67 B
188 B 46ms
28ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102071&bpp=1&bdt=316&idt=250&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EKfTJY8ror&p=https%3A//top4top.io&dtd=297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 01:23:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29274
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Fri, 17 Mar 2023 01:23:49 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A255 0
0 150ms
72ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSh3zcUwi60fIgqtMjP96oZWZ_UzXliEs8vAlhwQdm9big1edmlj2LZKlB203wgvxlIBUFAvqibqprxMm_4hvrXTncCAlWn9X5Pq77KTqMqEPkYA_l2sygmtYfIMyebZpS-5kxKFazBfTcL_n2anXth34gIhpMkITsJIRG-vclyc1RI3-gsUFxpciWntBqPee4a3DXFMmkLXZlQZFTaYorcvOtdR7CdfkQfpwyhMTtIoBDPi-n77MclnVgLLrKCloYsoqaZ9upvUZ8iox9PpPp8SPuPJgZa8D9g_lhJfNQiHWXsZTGqrQPlSm1ctajzVR8RQggkCWgpSmaCwcZQNwXQ4_rlzzXyfYIPFkrXJwLrQURpc77oYXQRpkUJ4zbfdnvGFwDQH4iXf6T75qaNTpTTzrxd-b4NX3Re1zlMhKffdkfhwOnYu6nQJt8tw7HOzoP6Fex2dgnoVUkK5jfxfIMTHACD_0dYOpTSJfVaYLNgykRNM0MDD4X9nz4Azixu8UaoSayr-O-Yfuj6tK_PhiU6H_CUTy2_YqaHr7m9L-rDf4ySrwrtRb0e_szK3L7YZC3Sv_UEhxoF0Ssg8GkMwUSagL0HmBaU37Vh3d7RvABEYfAqvl0OEk18scOB5MSi3MZJVEClhz8w9JR7yECRwWm7E56w0gDB0iYVKmoLe4RO6GCBfNeM-2jho6EvBmqAd_wbR2ez8nxATr11uYMf2vrbJhS42pKseQm_Mz4bsPBw6K4MeOfl-pnNwu5HG7pgMl3FNcH6A-Q_gSi96tt5Fd42KWRJMrBYYrR4wgeuiEMaiN6y7jzirqTJWzf6-qaHMc4sOyMTnetOV1WKIMlzcPTSFeYhfJY7f-X1t3WUWUUkTO5QFwXmcoeayhSTEL3KqbGz2KJYSoZ87UVINfphZHK-7j7XrU8cWVhFoghf9mT7DmBeJ64vIF7chDowBidYZrMI8_ISibL9vHKOqtmNEva2GQQeTQaEBfxZU5m19e2JaF0Jza8IPM-8-RdId25eHn_GRxarXDVfQ&sai=AMfl-YSdtr6Lb37aeKe-gneB1AY6rhcm7YMjBuPXtvfPKXGLot7_r5v1_a_JfdxPK3uL2HAkkqjVKAZ04NW_cnhLQ1BAvlps6F6t5ea558AnHh_SqFmsp16QvlP6QlBq5X2jLR-oWPLtWbtpTrvFxBTaK3dhGn35JgToIQm82CoWJHOa4V01fwlqoip8nm0X7xXAOPcIlhW7Zyno8Bs2X6qmQD1FtzG7NGuBHkrjJP2u_NiKrvdRaitVHSBz9kpuy48SiaEcwN3MfoAotTosCLzEqpCgoxl9j1nR3JdqxXWZN3Zn4rhk&sig=Cg0ArKJSzMJQFCbYG9q7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Mar 2023 09:31:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A255 106 KB
37 KB 97ms
26ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Mar 2023 07:16:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A255 41 KB
15 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:23:19 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame A255 36 KB
14 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

102239dae9b7e965c508b3d89615f357d921deeb719576cc8c99109208198590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14334
x-xss-protection: 0
server: cafe
etag: 17202017489058068890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame A255 3 KB
1 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 20:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 20:17:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame A255 20 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A255 0
0 101ms
34ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTteFbAqz-iDOfMg2JGjcEsPcM-OHkfFVKB3IVI_PZemAtxylsogfplIlWQBNsHkwhCHRwiC9eOok6HlUo98plgcNJyOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974902520762023&output=html&h=280&slotname=2740616398&adk=1148954392&adf=2723329071&pi=t.ma~as.2740616398&w=1200&fwrn=4&fwrnh=100&lmt=1678959102&rafmt=1&format=1200x280&url=https%3A%2F%2Ftop4top.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678959102071&bpp=1&bdt=316&idt=250&shv=r20230314&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1212915722020&frm=20&pv=1&ga_vid=940131322.1678959102&ga_sid=1678959102&ga_hid=944656424&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759926%2C44773809%2C44759842%2C44759875%2C31071756%2C31073058&oid=2&pvsid=3807785847487716&tmod=865089248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EKfTJY8ror&p=https%3A//top4top.io&dtd=297
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A255 158 KB
48 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame A255 22 KB
9 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 21F6 8 KB
895 B 42ms
42ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:03:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 21F6 2 KB
765 B 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame 21F6 22 KB
9 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 21F6 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 20:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 20:17:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 21F6 20 KB
8 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21F6 158 KB
48 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 21F6 34 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBDD 143 B
166 B 34ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:22:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C08E 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:22:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4274 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 656A 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 76102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Thu, 16 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A255 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a27fb3d825d740109af24cb34d22be9ed46c5b831352d47d0ace9b333b27e83

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A512 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 412561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A255 8 KB
4 KB 118ms
29ms Script
application/javascript 2a02:26f0:480:9::210:ee05
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=29279548&sid=6280934&plc=360779810&num=&adid=&advid=8650961&adsrv=1&btreg=551807199&btadsrv=doubleclick&crt=187644617&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3072fd2c999045e7dfd9bb483ba4687daeacde28cb06f4f2177366737f8a564e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 09:31:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 11:12:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0e54f142f57d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3336

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/ Frame 4567 5 KB
2 KB 85ms
28ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74111b99feaedb852e07a14bd6cc2a3796e309073ad8255f0733e2d6c2f110f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 435180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1701
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 08:38:43 GMT
expires: Sun, 10 Mar 2024 08:38:43 GMT
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0324 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78f514d69647f9a518bfbc6347056a8a89bfe3a99634a50cc90a80d659e72163

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D608 143 B
166 B 32ms
31ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:22:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 84D5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d3739641977b990a78140691fdc6dbcac521dfde371f21d6ebcd3b5ae2416c9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBDD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
57ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
expires: Thu, 16 Mar 2023 09:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2354 36 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0324 0
18 B 69ms
69ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBaV9_uESZI3rEaiR78EP4uy0kA7ZkIDlbsallcPzEIyivYfSHhABII6Mgnlg-9mQg7gKoAGk3ZqLA8gBAagDAcgDywSqBLsBT9D5ZdzGZsax7uzBq9ChwV6tmlTUyu8HIfsFu-rstWe7LYNO8H2nH1Bm_8RIsJrUhkCKZTKraK3E9-OCeR6ORu3470unAktei0lqJqRz31Yzq7JVdHhmkGKXdSQfsppEPgK7DNoLjS_3Nl3KzYyFJHre3h1mY8XYvI9FUuaFb7JdmTNt1xtBb8mDqxMGmOcB_35tVdURdIJJPATm1dPZkclO8OKv6Us8mKDymBqff_XPNKvCssZur6s_mMAEkuz4hpQEkgUECAQYAZIFBAgFGASAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCgkQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi03OTc0OTAyNTIwNzYyMDIzGAA&sigh=5q27_tVSvVU&uach_m=[UACH]&cid=CAQSGwDUE5ymam0N01vvB7GLSpxfixpeB9-LeYz8-hgB&vis=1

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Mar 2023 09:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C08E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
expires: Thu, 16 Mar 2023 09:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D42 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZqT2RyaUQxUENKWHg1&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cver=1&google_push=Aa02lx_-2jL_u17NXg6iBMJbdHyC46E3xtuw6Y5g7ulUO7z...

170 B
232 B

37ms
37ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZqT2RyaUQxUENKWHg1&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cver=1&google_push=Aa02lx_-2jL_u17NXg6iBMJbdHyC46E3xtuw6Y5g7ulUO7z-VL-EgGaMGdHcsG0l7DM32eztGVQDwjkU14QknwpPAKfPZ-XAaI-RtOM

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 09:31:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-00f451e3e988a04b8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RTZqT2RyaUQxUENKWHg1&google_gid=CAESEOSh0JgfqPg7-BpXTtjDQQE&google_cver=1&google_push=Aa02lx_-2jL_u17NXg6iBMJbdHyC46E3xtuw6Y5g7ulUO7z-VL-EgGaMGdHcsG0l7DM32eztGVQDwjkU14QknwpPAKfPZ-XAaI-RtOM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGe9B9iRVu1eOVw-13BjZxE&google_cver=1&google_push=Aa02lx9O1yshKeDZdeXwxKPeS2wF8hOehKNm49nWikEUWEjW18R6d-EGcQQbnKQx8uXTb3DF40DgeK_KDdH...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9O1yshKeDZdeXwxKPeS2wF8hOehKNm49nWikEUWEjW18R6d-EGcQQbnKQx8uXTb3DF40DgeK_KDdHygaBt0LGm5Q2__lz9dA6E&google_hm=9-c9n1c6Q2q2FuRe...

170 B
329 B

38ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9O1yshKeDZdeXwxKPeS2wF8hOehKNm49nWikEUWEjW18R6d-EGcQQbnKQx8uXTb3DF40DgeK_KDdHygaBt0LGm5Q2__lz9dA6E&google_hm=9-c9n1c6Q2q2FuReTUHfPhI

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9O1yshKeDZdeXwxKPeS2wF8hOehKNm49nWikEUWEjW18R6d-EGcQQbnKQx8uXTb3DF40DgeK_KDdHygaBt0LGm5Q2__lz9dA6E&google_hm=9-c9n1c6Q2q2FuReTUHfPhI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgDz5lCUR50E60f-HLiW70&google_cver=1&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELgDz5lCUR50E60f-HLiW70&google_cver=1&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3Qn...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr&google_hm=pR4vb65cQfOT19TLNc-...

170 B
232 B

37ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr&google_hm=pR4vb65cQfOT19TLNc-Fxg==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr&google_hm=pR4vb65cQfOT19TLNc-Fxg==
date: Thu, 16 Mar 2023 09:31:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECjltTm3DRgkr0xEolHchCg&google_cver=1&google_push=Aa02lx9phvtY3oSfYraO5VMO5D3sC211qhhRcW-7Vtkgw8vg0k-75b2_Gv4DcP85MWwyoe1xynd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBV1dGS0wtNS1FWTk5&google_push=Aa02lx9phvtY3oSfYraO5VMO5D3sC211qhhRcW-7Vtkgw8vg0k-75b2_Gv4DcP85MWwyoe1xyndJR5WmvlLmloSaJOKyq2ta7hLTfsc

170 B
232 B

37ms
37ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBV1dGS0wtNS1FWTk5&google_push=Aa02lx9phvtY3oSfYraO5VMO5D3sC211qhhRcW-7Vtkgw8vg0k-75b2_Gv4DcP85MWwyoe1xyndJR5WmvlLmloSaJOKyq2ta7hLTfsc

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBV1dGS0wtNS1FWTk5&google_push=Aa02lx9phvtY3oSfYraO5VMO5D3sC211qhhRcW-7Vtkgw8vg0k-75b2_Gv4DcP85MWwyoe1xyndJR5WmvlLmloSaJOKyq2ta7hLTfsc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_hm=ZBLh_8H0c8_eMxLRWvSXCQAADRIAAAAB&google_nid=index&google_push=Aa02lx_Agd6eCBtBjvOrXo63k-0NDIoSgGxhc...

170 B
232 B

37ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_hm=ZBLh_8H0c8_eMxLRWvSXCQAADRIAAAAB&google_nid=index&google_push=Aa02lx_Agd6eCBtBjvOrXo63k-0NDIoSgGxhcbhKb8ZmfVElsUq1pbaZnRruGxaDbrkMlaTlTkW61DRVppmhEkwljJPqdgM37tKdVw8

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 09:31:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVrxuxlcatuD-DkjR0pxpY&google_hm=ZBLh_8H0c8_eMxLRWvSXCQAADRIAAAAB&google_nid=index&google_push=Aa02lx_Agd6eCBtBjvOrXo63k-0NDIoSgGxhcbhKb8ZmfVElsUq1pbaZnRruGxaDbrkMlaTlTkW61DRVppmhEkwljJPqdgM37tKdVw8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDru1N6dztavpiwnDIPNmuM&google_cver=1&google_push=Aa02lx_6Pe3_3q_NMAA7AzAot5U_w-UdcOYFTTlQNKtFsZQJaMtiHE-so8cJCoIKrgrtI9IhZNhbDsgbLju0RS46...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6Pe3_3q_NMAA7AzAot5U_w-UdcOYFTTlQNKtFsZQJaMtiHE-so8cJCoIKrgrtI9IhZNhbDsgbLju0RS461F6XknHyNt80oq6H

170 B
232 B

36ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6Pe3_3q_NMAA7AzAot5U_w-UdcOYFTTlQNKtFsZQJaMtiHE-so8cJCoIKrgrtI9IhZNhbDsgbLju0RS461F6XknHyNt80oq6H

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Mar 2023 09:31:43 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_6Pe3_3q_NMAA7AzAot5U_w-UdcOYFTTlQNKtFsZQJaMtiHE-so8cJCoIKrgrtI9IhZNhbDsgbLju0RS461F6XknHyNt80oq6H
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Vjc5c96XDnAaXnKj4YL0hnDJYb9Qyd1jz659gnlAeZxljq7cJRMZEQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 656A
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHUP-Hg14KHYCv1_kxG8p1c&google_cver=1&google_push=Aa02lx9OU8iwKgSG2...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHUP-Hg14KHYCv1_kxG8p1c%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTIyMjEwNDUwMDQ5ODA5MTI5Ng%3D%3D&google_gid=CAESEHUP-Hg14KHYCv1_kxG8p1c&google_cver=1&google_push=Aa02lx9OU8iwKgSG2QgGVqRcnBodQrKfDD...

170 B
232 B

38ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTIyMjEwNDUwMDQ5ODA5MTI5Ng%3D%3D&google_gid=CAESEHUP-Hg14KHYCv1_kxG8p1c&google_cver=1&google_push=Aa02lx9OU8iwKgSG2QgGVqRcnBodQrKfDDUe27GSsSco23iKp0NCodRxCYzwiGEQ_5f2frCIS_09xgjPTX7CnpqP1i9PRXjbkt3vGnsz

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 16 Mar 2023 09:31:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 92.222.212.18; 92.222.212.18; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0a87bf60-4c4a-441e-b137-cd5332e329c8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTIyMjEwNDUwMDQ5ODA5MTI5Ng%3D%3D&google_gid=CAESEHUP-Hg14KHYCv1_kxG8p1c&google_cver=1&google_push=Aa02lx9OU8iwKgSG2QgGVqRcnBodQrKfDDUe27GSsSco23iKp0NCodRxCYzwiGEQ_5f2frCIS_09xgjPTX7CnpqP1i9PRXjbkt3vGnsz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 656A 0
139 B 133ms
33ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ih7-HVcVv7H6yr5VTmLsUjDmbHJaghZga5Ix6Op2UDz1r8-76oEFaBkIflCVxqM-9UpimA5w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 84D5 0
18 B 69ms
69ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmmE9_uESZI7rEaiR78EP4uy0kA6UtafCboPdku25D-mvlffoKRABII6Mgnlg-9mQg7gKoAHIsanNA8gBAagDAcgDywSqBMYBT9D-KfkDo6EMw2baZoemuFTDfId7RepNYhmwHQtsLca2xP1YPr4AzIOLRn9pacK_meiAFxizXEbDnKlaWmZuzppGofuYnO5Zm3ksWpJD0oKLmlcb64_wD1j0bwbtA9v4BJMDW9NlrPaH0DOdpD0NUpIML1TFvAi6P3Fm1gqtyN_bIx9lBJzgWBnqibSKHj7MoevwyNEWZ26ec-E22cPgsEFeQ1eZXF0lG0Bpy_emzlagnL89siT_VX0BLiHVlWEsYzlWPU0SwAS50OPt6gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJOGAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTc5NzQ5MDI1MjA3NjIwMjMYAA&sigh=_SvmvESxG5M&uach_m=[UACH]&cid=CAQSGwDUE5ymam0N01vvB7GLSpxfixpeB9-LeYz8-hgB&vis=1

Requested by

Host: top4top.io
URL: https://top4top.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Mar 2023 09:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 style.min.css
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/ Frame 4567 4 KB
1 KB 35ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffdf95fb2c16a42b7263f7066a3090165d3504c3690d882c1568b454fb547c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 04:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1469
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 04:39:30 GMT

GET brand.css
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/ Frame 4567 0
0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4567 60 KB
24 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4567 2 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Mar 2023 09:31:43 GMT

GET
H3 200 index.min.js Show response
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/scripts/ Frame 4567 30 KB
10 KB 35ms
34ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/scripts/index.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8d116eccad270360025b5a893796a31c39f877d99619b205716c00eea08b069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 04:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10390
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 04:39:30 GMT

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame A512 36 KB
14 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H/1.1 200
OK dv-measurements3574.js Show response
cdn.doubleverify.com/ Frame DFF5 555 KB
106 KB 31ms
31ms Script
application/javascript 2a02:26f0:480:9::210:ee05
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3574.js
Requested by: Host: top4top.io
URL: https://top4top.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e2d86ac23f26d33b164cd45484c0cd3bc9a0d2d6afea8c4079c8f81df00ffdb3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 09:31:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 08:19:55 GMT
Server: Microsoft-IIS/10.0
ETag: "808754ec1657d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108413

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D608
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
expires: Thu, 16 Mar 2023 09:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame DFF5 1008 B
879 B 215ms
42ms Script
text/javascript 34.149.12.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=153&ttfrms=31&brid=3&brver=111.0.5563.64&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauE%40AcE%40A%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%40AcE%40A%5D%3A%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=295&ddur=120&uid=1678959103870914&jsCallback=dvCallback_1678959103870353&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=309&winw=1200&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3574&tgjsver=3574&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7974902520762023%26output%3Dhtml%26h%3D280%26slotname%3D2740616398%26adk%3D1148954392%26adf%3D2723329071%26pi%3Dt.ma~as.2740616398%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678959102%26rafmt%3D1%26format%3D1200x280%26url%3Dhttps%253A%252F%252Ftop4top.io%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678959102071%26bpp%3D1%26bdt%3D316%26idt%3D250%26shv%3Dr20230314%26mjsv%3Dm202303060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1140x280%26nras%3D1%26correlator%3D1212915722020%26frm%3D20%26pv%3D1%26ga_vid%3D940131322.1678959102%26ga_sid%3D1678959102%26ga_hid%3D944656424%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1438%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759926%252C44773809%252C44759842%252C44759875%252C31071756%252C31073058%26oid%3D2%26pvsid%3D3807785847487716%26tmod%3D865089248%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DEKfTJY8ror%26p%3Dhttps%253A%2F%2Ftop4top.io%26dtd%3D297&fcifrms=7&brh=2&sdf=2&dvp_epl=232&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=29279548&sid=6280934&plc=360779810&crt=187644617&btreg=551807199&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=5445537413.754883&dvp_tukv=114575398.04414822&dvp_strhd=0.9000000953674316&dvpx_strhd=0.9000000953674316&dvp_tuid=1491259092976&jurtd=1769458643
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3574.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9ec8fef51c8cbd0f92d49fccb87662418e52e8e73361cdc9665b770e12217446

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 09:31:44 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 03/15/2023 09:31:44

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/ Frame 4567 190 B
217 B 29ms
28ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 08:40:59 GMT
x-content-type-options: nosniff
age: 435045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 08:40:59 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/fonts/ Frame 4567 24 KB
24 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 16:28:00 GMT
x-content-type-options: nosniff
age: 493424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Mar 2024 16:28:00 GMT

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/config/ Frame 4567 1 KB
635 B 38ms
37ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/config/config.js?r=0.750809090809367

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/scripts/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0f6983d418d21869f983f90088fdf0218eab90738a4a2c8ad7ec039b8454cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 607
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 09:31:44 GMT

GET
H3 200 beachSeaView-tier1-1164x300.jpg
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/ Frame 4567 46 KB
46 KB 30ms
26ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/beachSeaView-tier1-1164x300.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c367091ce35c0bd31f8af53ccb8243ca449c1234fe6f58f1222edfe78cca8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 10:09:42 GMT
x-content-type-options: nosniff
age: 429722
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46762
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 10:09:42 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/ Frame 4567 74 KB
74 KB 40ms
36ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:22:19 GMT
x-content-type-options: nosniff
age: 403765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76141
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 17:22:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A512 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3StZ_uESZPfLNKGJ78EPs4ug0AkAAAAAOAHgBAI&bg=!KyilKHzNAAZKh9k7aoc7ADkAdvg8Wknnf64LnSbUuh8X-gvGav6KX-WecxQKO0O6olrbkStZYnIpWr7buCtJ8qmsiW4BrdiwpJ4CAAABdlIAAAACaAEHmQL9XKIpWhjfBjEk9uQy-bQs3URLIEyp_P1gtD7QFYGGypUrRoCCGMxmLXPRotiqVbjoIfjRWcvL-QUPPY8gsIVdAY5YhytnCGmMudmBEfl64LAvtA38etEYYXSHCAP0_Pz3Lheac47kQPAC6Vts_wZR3JW3Kc81NSnkvcPUdfjtFGYfz8rDD-A3b3awjxTG4p9BbvRpFo03iQokXV2ktqD7xsbmkPQRWd6RGroT1yxEmML_Ik1P-JXLatGWB4sXcMAaXm6CdLvuzJMPC_SqvcJ89UnJf5cY6AAaWjIR0kST09voPwDd0Z5rJgyCOFrYsb8HY5AyF5SNURF0JOD30sUcZeGvXzI3W6-AaxzCKrSG-34aZvu4ydMeUMGpoWQh8xMOFU2SCmLJFMkqJ0IQplkUia6rvAgNp6LUA8CzbOYDfUw8iUqQlplDp5n6FWr3bXfBxM8aFdAf-mMUVHLD1CrDi493CGfYa2-IcOSzYrDiYEepMDnAXc4060F48ciVvBhzaiaGwy4gii2bPLcnaRTYw_5l-Ykhhd9o4aNtMotiGWS5EYycQ0gHCUdicDKnITwcZzTLLBRPRgXpo7Es3P_cAOXZsEx-tw6S8Dzl-RRpJxbVTRZRg0J0fRiv_IvlL4nv-nucnPEkHMz1SELCiaBcz_NNkmvCWsc1aP8NY8_zLoEcd77ubq7CjfOuA0wednLy5kJAmFzUQoE-C3W10LcnAqablzDm2V_z7y1wlEcbPsr7OpGjMkrJnPqr8Lynxvv34p3GnCKclbeGh54X-ERaVMIR9QN_Q-kJRdMPc_MTBeSNeDkJi4sEXo2vtzv9EZ-MnFbUZd3C53x7it8VI5CVPyRbdBxglEJ5xyC_IPTrA1ePFZSQjLwFk_ukY7Ufb7LaBS4D6rhM3TYzCjqh_R5EQkIdp_Z810PB80JXosvbsw9PtNV5shTxzrXe2vPV_63PiEvqTurVn9VOgTWrGj8mm9VJjQjoukN4HttiNINsqCpjOq103wING1sa6gCn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/fonts/ Frame 4567 26 KB
26 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/styles/style.min.css
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 04:39:31 GMT
x-content-type-options: nosniff
age: 449533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26720
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 04:39:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 104ms
40ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230314&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6685f390008380919565db85676b8461025ac7dddaf2c9530df0e098650c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11321
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/ Frame 4567 3 KB
3 KB 34ms
28ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940b6c62a663346ceb4bd6c8ec2cebaf2729c974990f411fe74299a9f7860dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 09:33:19 GMT
x-content-type-options: nosniff
age: 431905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2699
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 08:49:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Mar 2024 09:33:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADD1 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsub_3-rnuwZCHN5lvReZTLk1_HkJPK9SsoWhVy20zuxBSRIsiuTVobdY31cUxcuN4ES-Wrhaoga3K3Xr79DBkvoXbO-RalAYnN4SG9qs23pDijhp33NWCUClanOZaGOfxXT0r9TMA&sai=AMfl-YRbJlW3yFUcy-xlwMyL3ANW2rl1gxJMUHpfyHr_IU_EljiImj2Kbo5cKtaZQNXIGcnSrJSxaCLa8a0n&sig=Cg0ArKJSzNnCmlaZyLsiEAE&cid=CAQSGwDUE5ymgjjGtBXhvZ6umphyS47nZvzC_rx6TRgB&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1798011881&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678959102308&rpt=945&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 09:31:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21A7 13 KB
5 KB 32ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 8234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 07:14:30 GMT
expires: Fri, 15 Mar 2024 07:14:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B718 783 B
534 B 39ms
35ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1797d99faf05d4a518287a6a29308a5fdacda030b822ffe8b1fd5ddc78b2f049

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SGKSKU1qA-eUWyE0Ga7tdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-SGKSKU1qA-eUWyE0Ga7tdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 09:31:44 GMT
expires: Thu, 16 Mar 2023 09:31:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0324 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkbhxGbgebswkWhMQxqSyM2NBM2DOzoJ9_C4pBbTj0ocTTWuMsGblGTefmJbghwYJ9NpeUOa4fMUeq2_J-WJvhlGNCPjICk9bQ2L3N7ITgVCCF8mbmzX-w8_Qd6nxO3EUjIQDbsw&sai=AMfl-YSHinESUHHIttjr-O6obZ03GZm9vzQiNv-Rm2I4ibvSHpdZNhMDTrxEIEow9klFeQ6G168ju8LJ0_C_&sig=Cg0ArKJSzMHTNsviTB-SEAE&cid=CAQSGwDUE5ymam0N01vvB7GLSpxfixpeB9-LeYz8-hgB&id=lidar2&mcvt=1006&p=0,0,500,180&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678959102978&rpt=471&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B718 0
0 61ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230314&jk=3807785847487716&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 21A7 36 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 84D5 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5-wHN1UOaaGzFHDLtbuA50KZou8OhmVizo1xYCWx3yToBicVdnjvrnpiVBankziaOUuBVWQPoikcQWWvtsRUpgaJlgq2Wh3JA-Gbp9g_lFr_sXVa89zFdiDMCOb2xxHCWTaSKWA&sai=AMfl-YSbAFeVsiO9tKBM6cYMW6eS0kc_hP0dSJBRztpn3R2O8PS7EUNsgARLEipwtzKl9WiDiWcem5eDdFED&sig=Cg0ArKJSzBlwlP_iv2C9EAE&cid=CAQSGwDUE5ymam0N01vvB7GLSpxfixpeB9-LeYz8-hgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678959102981&rpt=495&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 09:31:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 21A7 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vl6jNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:31:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230314&jk=3807785847487716&bg=!-vml-a3NAAZKh9k7aoc7ADkAdvg8WmjhL-U9kWUWWOB4Qyu1bYncjYxUfjxpjuSY1UsWUVGuQMzLurjzV8JtQ6-0m_u9QJ-woRsCAAAAX1IAAAADaAEHCgBtgC0KlggXK-cYbD2rHdKDCRGeW1m-Sz2ta8CTDzfbf-oze1ITPuPTAI6JNBRK_p5ZtcvaD3fR1FqiJ8IgeuFJiymk73OV3PRd9N5DWwXEt5Nt7sCkeVU214KL8q2cIFqfqjAUdy457jVz7QK0fJkCou-whaiFDy9NPzm-UxnZNMHzcqP21llocsQmJLcatWvWWzt2ph2l0etqAFaL55X_otS8XISqSuJ9SQRXnzyBsSMV6GwyBGZrNK44CW9ulsLBN_yEJqJmvzZk7uUtqYFvrSffzmph1kwMw0reFlS9swGV_65xQvghUVpv8FbdhGQ3oylZcSk1QzkAK61k3_cGh3dnqz7UzqHZWSFxOP0EZTzj6gaIVtJCmnJJnvyS1Xqmj_c0o8YpPqNaSZwUCzJlgRw1mWEmu6Y8dj2HZifRaArWJy-a3bKnj9jBzaHZxFxYTSDtApd65T307TDVJiYZCXGXwYvyNwMYTj5uPLnHSAXqDJgw_wZsnQYGgHS8D1lqekkOcn4sHFPT0n3230ibtBQCw9vkil7oHdbi42aOpdOniZOfQoNi4H4A65Cg6Bbo57tWDPru8-QI7MSXOhW-d4iXvZTDELc3KTlSs5lKcuHIsxzrlw29BZLU_wgQTsLlUUe8JfRn_dk6sN1o6P22e9qXtaGtTghlF8uN3JlVWM6sDI2ZyCSbgwL_EIgOigLyOkv73fGMto3Xxs2PFlsBoRsi8WdXozIayhXUIeeYykEPbWP7nRIsCRlw1YK95InENpOYxMJoADLKYh1GmWNlCAVdum79vqVUWoPlBkvLwe-2yP7zFejPpTdQqnZOOEWL3yosi1hA-ZaJqj8rXITvglH8zVVZSqbZKIWEpg5kdioeqWtDNF2bWAMBvqlDJFBtMpAeE6mA7ws-3cPen-Z-6PL172vo89BcuGI2rXwAHDP1uozm6K-av6pkjIQWR8CVVrpTXXHiodlykJiV8kAvYBH2YxtGS6EhWvoqhuFb-66WiehEqHtzERvtZb-4ykmDVz_gSIn7vbkfi6RUoO5ZaD_q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://top4top.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame DFF5 0
234 B 75ms
31ms Ping
text/plain 34.149.12.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=787be675fe0e47f891e442d2faed111d&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=220&eoid=15&msrjs=3574&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=120&tetms=11&msltms=72&vltms=220&sei=290&vetms=26&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=264&msrcannum=2&ismms=42&isumms=42&nvr=2&elmtp=4&isbxdms=2343&b0=2458&adwdth=1200&dvp_vsosnmr=3&lftb=2458&sftb=2458&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=309&cwdth=1200&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=42&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD:1,SCRIPT:24,STYLE:3,META:1,BODY:1,DIV:19,IFRAME:18,NOSCRIPT:1,IMG:1,svg:3,path:14,A:1,title:1,&ttfurm=3277&cbust=1678959107120958
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3574.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 16 Mar 2023 09:31:47 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/15/2023 09:31:47

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/brand.css

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
top4top.io/	1970-01-20 10:25:31	Name: sid Value: LIqMbpMCYP3J54tifF4vrrlNpZ5
.top4top.io/	1970-01-20 19:58:39	Name: _ga Value: GA1.2.940131322.1678959102
.top4top.io/	1970-01-20 10:24:05	Name: _gid Value: GA1.2.343785174.1678959102
.top4top.io/	1970-01-20 10:22:39	Name: _gat Value: 1
.top4top.io/	1970-01-20 10:24:04	Name: klj_40d147_downloads Value: 9nxiv
.top4top.io/	1970-01-20 19:44:15	Name: __gads Value: ID=fe50fb1690475f2b-22f9111cc6de00c4:T=1678959102:RT=1678959102:S=ALNI_MZ4j6oDQIBv2m1rGtcvWmdulsMKqQ
.top4top.io/	1970-01-20 19:44:15	Name: __gpi Value: UID=00000bc69f25cc43:T=1678959102:RT=1678959102:S=ALNI_MZ-6_xzCmSGOg4w5HUfNolcpPoMyw
.doubleclick.net/	1970-01-20 19:44:15	Name: IDE Value: AHWqTUm6fUi6i2PYF8QOTn4hriT1siacLRAR-FC3ORcqqNY_1ldsNd2CiKtRkrAUcH0
.doubleclick.net/	1970-01-20 10:22:42	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 19:08:15	Name: gid_CAESEGe9B9iRVu1eOVw-13BjZxE Value: 1
.ctnsnet.com/	1970-01-20 19:08:15	Name: cid_f7e73d9f573a436ab616e45e4d41df3e Value: 1
.adnxs.com/	1970-01-20 12:32:15	Name: uuid2 Value: 5222104500498091296
.w55c.net/	1970-01-20 19:54:19	Name: wfivefivec Value: E6jOdriD1PCJXx5
.casalemedia.com/	1970-01-20 19:08:15	Name: CMID Value: ZBLh-8H0c8-eMxLRWvSXCQAA
.casalemedia.com/	1970-01-20 12:32:15	Name: CMPS Value: 3346
.casalemedia.com/	1970-01-20 12:32:15	Name: CMPRO Value: 3346
.bidswitch.net/	1970-01-20 19:08:15	Name: tuuid Value: a51e2f6f-ae5c-41f3-93d7-d4cb35cf85c6
.bidswitch.net/	1970-01-20 19:08:15	Name: c Value: 1678959103
.bidswitch.net/	1970-01-20 19:08:15	Name: tuuid_lu Value: 1678959103
.w55c.net/	1970-01-20 11:05:51	Name: matchgoogle Value: 5
.bidswitch.net/	1970-01-20 10:22:39	Name: google_push Value: Aa02lx8GuxePK8-7rtY5C9C_Wx435AEHuFNCEGTIhAnzBHjg7BXZ_64W9ADnvsrSj9t1xRRbXrSN4yJDVfd3QngMx3V6w-p9thQvddnr

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/index.html Message: Refused to apply style from 'https://s0.2mdn.net/sadbundle/3793766541515348703/Marriott-Global_Marriott-APD_Display-Tool_970x250_0cXrgG/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-7974902520762023&fa=3&ifi=5&uci=a!5&btvi=2&xpc=ljXnfBmqQ7&p=https%3A//top4top.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230314/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-7974902520762023&fa=4&ifi=6&uci=a!6&btvi=3&xpc=3BLx5pA3Oi&p=https%3A//top4top.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
ajax.googleapis.com
cdn.doubleverify.com
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.top4top.io
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
s.ad.smaato.net
s.top4top.io
s0.2mdn.net
secure.adnxs.com
ssum-sec.casalemedia.com
top4top.io
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
s0.2mdn.net
142.250.184.194
142.250.186.162
185.80.39.216
185.89.211.132
188.165.137.138
188.165.137.170
2600:9000:211e:1c00:1b:5138:8a40:93a1
2606:4700:3033::6815:589
2a00:1450:4001:800::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:26f0:480:9::210:ee05
34.149.12.213
35.156.29.78
35.186.193.173
51.159.67.135
52.59.118.245
69.173.144.139
072431ea5a7acc31d372789d456ddd7980fdfebd7ca917e4dbf988ef58abbf6a
09a3259106934713084ea8e90baedf51a931703f888958e019e6ab3b3eb6467d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f05d189ca32eaea20ba5cbea1217952fc5b452fe850e05b3a1d1272cbfd2153
102239dae9b7e965c508b3d89615f357d921deeb719576cc8c99109208198590
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
1490aad284b9af37c925810fe6cad4bf2b972ffbf906462c0e391d3218bd1224
1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
1797d99faf05d4a518287a6a29308a5fdacda030b822ffe8b1fd5ddc78b2f049
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185de71d471b0ab56f8b2bfdfb1a74f93ca2a70e7d06603bfdde7c210247501f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2d3739641977b990a78140691fdc6dbcac521dfde371f21d6ebcd3b5ae2416c9
2ffbeaf86cec2d9c2bdd40121202d5294eeed5433b94fa8a1a126fc7ed058c7d
3072fd2c999045e7dfd9bb483ba4687daeacde28cb06f4f2177366737f8a564e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3c367091ce35c0bd31f8af53ccb8243ca449c1234fe6f58f1222edfe78cca8ba
41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a27fb3d825d740109af24cb34d22be9ed46c5b831352d47d0ace9b333b27e83
5a6685f390008380919565db85676b8461025ac7dddaf2c9530df0e098650c94
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
74111b99feaedb852e07a14bd6cc2a3796e309073ad8255f0733e2d6c2f110f4
788559c056a4f64455d4208befee3e58bd6f5d4a92fdb4af84f0fdd23cc32278
78e808734a59eb53f14e50336bf18ad92b4e8bdd0d7225b59d6ce55ee1022286
78f514d69647f9a518bfbc6347056a8a89bfe3a99634a50cc90a80d659e72163
884e8ddcd857eb74f736b1d73a1e4ebfad9acd55cc8e5ac5c43d01f528ef6a5a
8e5c02a9cc1535fce55c447bf2d55b43709876611f771e4cf75386760f526ac3
91dcf01cdf88e9b126022fd8d28fe61a13017d83bce2de6a8a69b4d04a1aeba9
937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3
940b6c62a663346ceb4bd6c8ec2cebaf2729c974990f411fe74299a9f7860dc0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ec8fef51c8cbd0f92d49fccb87662418e52e8e73361cdc9665b770e12217446
a28649315acaf52dcb3e1e8a0c316dbdee5ef7fc27638ab8c7fa1c4d637f4b5e
a28953ed5afed86c341b5b201d5ba93abd34ede7fcf2f21e8dc0e1be6c54cfc6
a3bf67eeebc9f9af60b38d8fe6a808e7e8722982c72c6867d68e05582c311143
a40441867f5b970ef12f54fd7292218aab8e9825a09aa6c720f239d311660ce3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60f90398750c832d435897bcd263a7b9dac3c581e55dfd5d04020ee1d849350
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2
b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173
b87eb697514c4f7f78d19319a9f7f9ec477787d3c6060ae86eb7cb04a64eac13
ba55961d7ac71561db39cb5be18d75ee12b453a401d3d7561b825664df464aa2
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c9837b46a37e8117cb24a8819b66ee698f99d0606fbcb8fa19435cac474abcbc
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c
d12fcbeb7624beef6c90755330fd5dfc2fd155c8e1f596129c9531821c5a85be
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2d86ac23f26d33b164cd45484c0cd3bc9a0d2d6afea8c4079c8f81df00ffdb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb
e8d116eccad270360025b5a893796a31c39f877d99619b205716c00eea08b069
ec0f6983d418d21869f983f90088fdf0218eab90738a4a2c8ad7ec039b8454cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f242efc3874d0c6b2acd4cc6b376e8eef5e0763acc03b5cf997cd533ad35ed53
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ffdf95fb2c16a42b7263f7066a3090165d3504c3690d882c1568b454fb547c2d

top4top.io Open in urlscan Pro 188.165.137.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

94 %HTTPS

57 %IPv6

19 Domains

29 Subdomains

21 IPs

4 Countries

1802 kBTransfer

4593 kBSize

21 Cookies

7 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

top4top.io Open in urlscan Pro
188.165.137.170 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

94 %
HTTPS

57 %
IPv6

19
Domains

29
Subdomains

21
IPs

4
Countries

1802 kB
Transfer

4593 kB
Size

21
Cookies

140 HTTP transactions
4 data transactions