urlscan.io logo urlscan.io
SecurityTrails logo

www.allspots.com Open in urlscan Pro
212.83.165.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jordansun.com/
Effective URL: https://www.allspots.com/
Submission Tags: falconsandbox
Submission: On June 12 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 7 countries across 17 domains to perform 109 HTTP transactions. The main IP is 212.83.165.65, located in France and belongs to Online SAS, FR. The main domain is www.allspots.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 24th 2021. Valid for: a year.
This is the only time www.allspots.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 22 212.83.165.65 12876 (Online SAS)
16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.98 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.185.70 15169 (GOOGLE)
1 2 52.31.65.246 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.226 15169 (GOOGLE)
3 5 2.20.157.55 16625 (AKAMAI-AS)
2 3 185.33.221.90 29990 (ASN-APPNEX)
3 2600:9000:249... 16509 (AMAZON-02)
7 44.237.218.67 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
109 27
22    212.83.165.65 (France)

ASN12876 (Online SAS, FR)
PTR: varnode1.metalio.com
jordansun.com
www.allspots.com
16    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
4    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
9    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.fr
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
16    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
2    52.31.65.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-65-246.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
5    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    2600:9000:2491:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    44.237.218.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-218-67.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 146
503 KB
21 allspots.com
www.allspots.com
208 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 48
stats.g.doubleclick.net — Cisco Umbrella Rank: 104
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 280
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
86 KB
15 google.com
cse.google.com — Cisco Umbrella Rank: 2893
www.google.com — Cisco Umbrella Rank: 4
clients1.google.com — Cisco Umbrella Rank: 560
adservice.google.com — Cisco Umbrella Rank: 82
173 KB
12 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 534
static.adsafeprotected.com — Cisco Umbrella Rank: 562
dt.adsafeprotected.com — Cisco Umbrella Rank: 475
97 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 564
4 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 231
3 KB
3 google.fr
adservice.google.fr — Cisco Umbrella Rank: 25313
www.google.fr — Cisco Umbrella Rank: 13856
1 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 584
138 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
18 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 172
86 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
86 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
53 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 816
644 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
39 KB
1 jordansun.com
jordansun.com
268 B
109 17
Domain Requested by
21 www.allspots.com 1 redirects www.allspots.com
16 tpc.googlesyndication.com www.allspots.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
16 pagead2.googlesyndication.com www.allspots.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 www.google.com 2 redirects cse.google.com
www.google.com
www.allspots.com
tpc.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.allspots.com
7 dt.adsafeprotected.com googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 ad.doubleclick.net 2 redirects googleads.g.doubleclick.net
3 static.adsafeprotected.com pixel.adsafeprotected.com
googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 cse.google.com www.allspots.com
www.google.com
2 static.xx.fbcdn.net www.facebook.com
2 www.facebook.com connect.facebook.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 pixel.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net www.allspots.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.fr pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.allspots.com
connect.facebook.net
1 s0.2mdn.net www.allspots.com
1 www.google.fr www.allspots.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 clients1.google.com www.allspots.com
1 www.googletagmanager.com www.allspots.com
1 jordansun.com 1 redirects
109 28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
allspots.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-24 -
2022-11-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-21 -
2022-06-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh

This page contains 14 frames:

Primary Page: https://www.allspots.com/
Frame ID: E100ED700F1CB6F5775528B083C74E00
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Frame ID: 313AE73A4422C9B620F9EED5443AA7C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&adk=1812271804&adf=3025194257&lmt=1655013875&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.allspots.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875337&bpp=3&bdt=290&idt=182&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=647903484125&frm=20&pv=2&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: 19C75683B0F3DC805EFC3EDC770F9F1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Frame ID: 50CFBD3C1A61AECCB2E1A7F4CF977090
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY9a7WyAEwAQ&v=APEucNV1VUQuuDqnWTK_ZbIFr2667nwp_UTAoUBt1nffqCijPIXjZPx2T7mJxtTdW_yPqWYcPEGeMC3qYtUv5C96uWNBaDgmlPxa2Gv8kaqt0Y9KuEnRerSdc5cr0I4qwecMQxhRxxaVU38zTYeSQxmOPEWjAUEWa8lMOf_BmOOQ4HAMdP7HaRU
Frame ID: F4ADD6B1622ADCC1447AF3DF4276CD12
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite_fy2021.js
Frame ID: 37DE007D7DAC06060CB8DDD9BC229AE9
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Frame ID: 62E4F9F65699391859FA61A18E403719
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0FFD8CFB36CFE2A7BA9EF4C4B4A38B7B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html
Frame ID: 43F59C45C76F80790E0EB8C1D122C079
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71A0919C593D916A179C685B7F64F449
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0D76DFAA68D272C86330215E75221A8D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=415201545271579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dda15194e599c%26domain%3Dwww.allspots.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.allspots.com%252Ff233092c97a6694%26relation%3Dparent.parent&container_width=320&href=https%3A%2F%2Fwww.facebook.com%2Fallspotsjo&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=182
Frame ID: A816444BAAE81A0AA5B50B389768245B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78F509F028028730EAD429CDE5CD9A78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22E3568AC8787A830771E50780091D43
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ALLSPOTS ☎: AllSpots - Guide, Events & Directorysearch

Page URL History Show full URLs

  1. http://jordansun.com/ HTTP 301
    https://www.allspots.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

92 %
HTTPS

65 %
IPv6

17
Domains

28
Subdomains

27
IPs

7
Countries

1509 kB
Transfer

4190 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jordansun.com/ HTTP 301
    https://www.allspots.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.allspots.com/directory_style.css HTTP 302
  • https://www.allspots.com/jo/directory_style.css
Request Chain 32
  • https://www.google.com/cse/images/look/cse_theme_shiny_form_bg.png HTTP 301
  • https://cse.google.com/cse/images/look/cse_theme_shiny_form_bg.png
Request Chain 51
  • https://ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/B27528274.333907589;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/B27528274.333907589;dc_pre=CN7cuJGfp_gCFdGAewodsv4AeQ;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 58
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1&C=1
Request Chain 59
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqWB9KXBGKlJdCUwhU5mBgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1
Request Chain 60
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKyiLhEndEjpUtq14k909OM&google_cver=1
Request Chain 61
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MjUwMTY2ODM0MzI5MTA5MQ%3D%3D
Request Chain 67
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27463676.331655781;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27463676.331655781;dc_pre=CIaqvpGfp_gCFQKedwodsAACTA;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 80
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 82
  • https://pixel.adsafeprotected.com/rfw/st/1007717/62211789/skeleton.js?adsafe_url=https%3A%2F%2Fwww.allspots.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.allspots.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0149528545016404%26output%3Dhtml%26h%3D90%26slotname%3D9971816417%26adk%3D3463480156%26adf%3D2187122167%26pi%3Dt.ma~as.9971816417%26w%3D740%26lmt%3D1655013875%26rafmt%3D12%26psa%3D0%26format%3D740x90%26url%3Dhttps%253A%252F%252Fwww.allspots.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1655013875340%26bpp%3D2%26bdt%3D294%26idt%3D204%26shv%3Dr20220608%26mjsv%3Dm202206090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D647903484125%26frm%3D20%26pv%3D1%26ga_vid%3D652542782.1655013875%26ga_sid%3D1655013876%26ga_hid%3D2072708154%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D238%26ady%3D333%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067628%252C31067972%252C44765403%26oid%3D2%26pvsid%3D4035116351011925%26tmod%3D1131951061%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D256%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D5P469uqJ1v%26p%3Dhttps%253A%2F%2Fwww.allspots.com%26dtd%3D209&adsafe_type=bd&adsafe_jsinfo=,id:d544c893-970f-3ce2-4478-0e089ca2f3ee,c:fiIW6k,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6d5ddf5c78-x6zv7,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:168,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:185,oid:894fbde0-ea15-11ec-8564-56ff7df77b30,v:19.8.316,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.allspots.com/
Redirect Chain
  • http://jordansun.com/
  • https://www.allspots.com/
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
787d45bf8f7c534b3fb1964561b44a8129c29a7195e801edac32a985684fe532

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5225
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Jun 2022 06:04:35 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.14.2
Vary
Accept-Encoding
Via
1.1 varnish (Varnish/6.1)
X-Varnish
24663483

Redirect headers

Age
0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Jun 2022 06:04:34 GMT
Location
https://www.allspots.com/
Server
Apache
Via
1.1 varnish (Varnish/6.1)
X-Varnish
24563100
bootstrap_and_jsstyle.css
www.allspots.com/datastor/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/datastor/css/bootstrap_and_jsstyle.css
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
dda8b8cf3c05e4c1cdcbb445ce14de2114e81c99916aba098d0adaf94819044c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Mar 2020 08:33:33 GMT
Server
nginx/1.14.2
Age
0
ETag
"1d7df-59fdb0ae53140-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish (Varnish/6.1)
Cache-Control
max-age=1814400
X-Varnish
24563103
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20198
directory_style.css
www.allspots.com/jo/
Redirect Chain
  • https://www.allspots.com/directory_style.css
  • https://www.allspots.com/jo/directory_style.css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/jo/directory_style.css
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Server
nginx/1.14.2
Age
0
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=1814400
X-Varnish
24663489
Connection
keep-alive
Content-Encoding
gzip
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Server
nginx/1.14.2
Age
0
Content-Type
text/html; charset=UTF-8
Location
/jo/directory_style.css
Cache-Control
max-age=1814400
X-Varnish
24663486
Connection
keep-alive
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29f79d0bd6c34afb2c6ab2be298bd3ea49f34d2fa68c5df157b29ba53eeab574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56324
x-xss-protection
0
server
cafe
etag
8817416782466846578
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:04:35 GMT
eu_cookie_banner.js
www.allspots.com/datastor/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/datastor/js/eu_cookie_banner.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
eecc562cf373962edfe6719beff72bac1674405277d13b0d94906f1e75a9030f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Feb 2020 07:42:28 GMT
Server
nginx/1.14.2
Age
63812
ETag
"fd4-59f39657a0100-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish (Varnish/6.1)
Cache-Control
max-age=1814400
X-Varnish
24590622 24676173
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1473
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-55911075-2
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac42678d1c2ae742a6647891d41e40e6f30fcbf6252ad974e2c1288ee14546e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39769
x-xss-protection
0
expires
Sun, 12 Jun 2022 06:04:35 GMT
left_side_logo.png
www.allspots.com/datastor/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/left_side_logo.png
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
47a95b9c80e48085817826dcdec6f13ffe3c0e5002e21672e0c87bda788ad6a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Sun, 19 Jan 2020 18:33:18 GMT
Server
nginx/1.14.2
Age
63821
ETag
"b17-59c8268979780"
Content-Type
image/png
Cache-Control
max-age=1814400
X-Varnish
24563108 24676129
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2839
login.png
www.allspots.com/datastor/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/login.png
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
3d1cab466ceafc0f6e107cab0682de636681d30173b57bcca4798292fe51c75d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Thu, 20 Feb 2020 19:14:20 GMT
Server
nginx/1.14.2
Age
63821
ETag
"124b-59f06b642bb00"
Content-Type
image/png
Cache-Control
max-age=1814400
X-Varnish
24663494 24582051
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4683
cse.js
cse.google.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-0149528545016404:4405716859
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
f89bbf6e96f3ab581d9d82ad9da05b17fa340b4d330d432415e1b394ece12515
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
br
accept-ch
Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2920
x-xss-protection
0
server
gws
expires
Sun, 12 Jun 2022 06:04:35 GMT
286621.jpg
www.allspots.com/datastor/images/fp/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/286621.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
3fbc5befd997e502996d5295700a9f1969e1bf703506b85ecd2579b5f16da393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 08:38:42 GMT
Server
nginx/1.14.2
Age
79745
ETag
"3bad-59fdb1d502880"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24764617 24296868
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15277
286385.jpg
www.allspots.com/datastor/images/fp/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/286385.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
8e0668791190cc528ee418afc8079ac06c55ef83ec7c185b8260fbbb22606980

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 09:04:15 GMT
Server
nginx/1.14.2
Age
79745
ETag
"30fb-59fdb78afe1c0"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24563120 24149194
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12539
286384.jpg
www.allspots.com/datastor/images/fp/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/286384.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
d55933dfacdcdde8973a9496742789ed88c9609c538f8b445dc4624a65186ced

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 09:04:01 GMT
Server
nginx/1.14.2
Age
79745
ETag
"2d65-59fdb77da4240"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24764619 24149197
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11621
286388.jpg
www.allspots.com/datastor/images/fp/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/286388.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
98951966920836449d1486596e714bbc87c25bad8c5f4768bab38fb794b92993

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 09:04:50 GMT
Server
nginx/1.14.2
Age
79745
ETag
"3722-59fdb7ac5f080"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24663496 24296871
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14114
286389.jpg
www.allspots.com/datastor/images/fp/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/286389.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
601b63ad2d77fb7eee00d91d5017a18324bc8f0ef2e78321154e0be00212f924

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 08:39:00 GMT
Server
nginx/1.14.2
Age
79745
ETag
"52d7-59fdb1e62d100"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24563114 24149200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21207
286387.jpg
www.allspots.com/datastor/images/fp/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/286387.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
fb81496a7caeddd94a64a7b4af4e470868932cd0109ebba9bb62ff1e04affb8f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 09:04:31 GMT
Server
nginx/1.14.2
Age
79745
ETag
"2fc9-59fdb79a405c0"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24563112 24149203
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12233
285935.jpg
www.allspots.com/datastor/images/fp/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/285935.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
ddca9e0993397f221f8832feaa3e70cc62773d37ebff055bbb33d131267d3e67

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 09:02:06 GMT
Server
nginx/1.14.2
Age
68386
ETag
"1ea2-59fdb70ff7f80"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24663498 24070927
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7842
280372.jpg
www.allspots.com/datastor/images/fp/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/fp/280372.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
955618f73439d96e75a99cc977d716639affff09c6a9827fd4f491f413eabe2c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 02 Mar 2020 09:02:57 GMT
Server
nginx/1.14.2
Age
68386
ETag
"14db-59fdb7409b240"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24487569 24517206
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5339
right_side_logo.png
www.allspots.com/datastor/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/right_side_logo.png
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
788f3e6bf5896304cb01c05e214709914025fd0cf7988a9171c0b34d21800aab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Sun, 19 Jan 2020 18:42:28 GMT
Server
nginx/1.14.2
Age
63821
ETag
"e0c-59c82895fed00"
Content-Type
image/png
Cache-Control
max-age=1814400
X-Varnish
24563116 24582054
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3596
facebook.jpg
www.allspots.com/datastor/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/facebook.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
eabe3b0f33e7f11ddd1acda95923b01d8b08b082afe8f21ef64f9c16d1b3cee0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Sun, 19 Jan 2020 18:58:43 GMT
Server
nginx/1.14.2
Age
63821
ETag
"60e-59c82c37d3ec0"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24563118 24676138
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1550
jquery.js
www.allspots.com/datastor/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/datastor/js/jquery.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jan 2015 07:47:59 GMT
Server
nginx/1.14.2
Age
63812
ETag
"17629-50d10a85f29c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish (Varnish/6.1)
Cache-Control
max-age=1814400
X-Varnish
24563106 24392736
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33224
bootstrap.min.js
www.allspots.com/datastor/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/datastor/js/bootstrap.min.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jan 2015 07:47:59 GMT
Server
nginx/1.14.2
Age
63812
ETag
"8a7c-50d10a85f29c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish (Varnish/6.1)
Cache-Control
max-age=1814400
X-Varnish
24663492 24392739
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9407
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
995964322398d7c55e6386e1db3f0ce23b2fc9a8ddf03ccc5d6b8e1bed12cba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
huT8Mu/Y7pX0qP7mP/IT4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sun, 12 Jun 2022 06:06:42 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
tzpwRkO9Y1Lag56FxRZfA7fKdUGxH+J9a90VLukPwwffOAYP1nZ4Yz0qImxlWkL6tm/zmNCEEvLEi/vGyN7M5A==
x-fb-trip-id
917726464
x-fb-content-md5
f5d079c21cc0ef1e35e34d537db432b9
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 12 Jun 2022 06:04:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"07d2c975d6f74f6000caedb5e5563ba8"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
glyphicons-halflings-regular.woff2
www.allspots.com/datastor/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.allspots.com/datastor/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/datastor/css/bootstrap_and_jsstyle.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://www.allspots.com/datastor/css/bootstrap_and_jsstyle.css
Origin
https://www.allspots.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Sun, 24 Sep 2017 02:38:08 GMT
Server
nginx/1.14.2
Age
63812
ETag
"466c-559e6550fc400"
Content-Type
font/woff2
Cache-Control
max-age=1814400
X-Varnish
24563110 24676179
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18028
logo_bg.jpg
www.allspots.com/datastor/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allspots.com/datastor/images/logo_bg.jpg
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/datastor/css/bootstrap_and_jsstyle.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.83.165.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
varnode1.metalio.com
Software
nginx/1.14.2 /
Resource Hash
ee9afbfa9e39ecd4c7b0044e071ff9323c90b549455de1fbd714563020f40dca

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/datastor/css/bootstrap_and_jsstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 06:04:35 GMT
Via
1.1 varnish (Varnish/6.1)
Last-Modified
Mon, 27 Apr 2015 09:51:30 GMT
Server
nginx/1.14.2
Age
63821
ETag
"156b-514b1b0b56c80"
Content-Type
image/jpeg
Cache-Control
max-age=1814400
X-Varnish
24764613 24582057
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5483
sdk.js
connect.facebook.net/en_US/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aab46514a4f8871236bfc5aac78ebe23
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
76417d7b0ddeca42b2b2552757731b01716b2625217159539f4cf3ade4ad2041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.allspots.com/
Origin
https://www.allspots.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VHI3AvAlXUvOV/LEL2+e3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 12 Jun 2023 01:49:47 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85846
x-fb-rlafr
0
x-fb-debug
yfDPvzhaD3Rtxko25/rVSYi0d7WMKvgXbaTYZ6gAetdR5ToQplLo0qi22Hw1OY/zwUuxC7b3fXCx45FmtmItzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8a83d23a315af68f67df6d42393cafcf
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Jun 2022 06:04:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f1ecc299c31a477cfa042aa57f0765da"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cse_element__en.js
www.google.com/cse/static/element/3e1664f444e6eb06/ 		303 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-0149528545016404:4405716859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 20:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102672
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 07 Jun 2023 20:35:02 GMT
default+en.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-0149528545016404:4405716859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 20:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 07 Jun 2023 20:35:02 GMT
shiny.css
www.google.com/cse/static/style/look/v4/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/shiny.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-0149528545016404:4405716859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb1c7ac42d67db1385aa4eb4f30d35c4370bce6c49cfac0559c3a677c564860a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:38:16 GMT
x-content-type-options
nosniff
age
1579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5353
x-xss-protection
0
last-modified
Wed, 12 Aug 2020 16:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 12 Jun 2022 06:28:16 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55911075-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6327
date
Sun, 12 Jun 2022 04:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 12 Jun 2022 06:19:08 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c9c53bc80ff7e918204894fa5c41f6f4180af4e8ad95958940fc0a8389b0a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122904
x-xss-protection
0
server
cafe
etag
4684025731132947815
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:04:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/ Frame 313A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
49943
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 16:12:12 GMT
etag
14734731752043123527
expires
Sat, 25 Jun 2022 16:12:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2072708154&t=pageview&_s=1&dl=https%3A%2F%2Fwww.allspots.com%2F&ul=en-us&de=UTF-8&dt=ALLSPOTS%20%E2%98%8E%3A%20AllSpots%20-%20Guide%2C%20Events%20%26%20Directory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=800395836&gjid=1721916004&cid=652542782.1655013875&tid=UA-55911075-2&_gid=1077460572.1655013875&_r=1&gtm=2ou680&z=2144809073
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.allspots.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.allspots.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		139 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83c15ddd94af921d855c153e98f5b29d9951bdba6f52d703f7662514f7c62725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"17372565205018195239"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sun, 12 Jun 2022 06:04:35 GMT
cse_theme_shiny_form_bg.png
cse.google.com/cse/images/look/
Redirect Chain
  • https://www.google.com/cse/images/look/cse_theme_shiny_form_bg.png
  • https://cse.google.com/cse/images/look/cse_theme_shiny_form_bg.png
96 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cse.google.com/cse/images/look/cse_theme_shiny_form_bg.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/style/look/v4/shiny.css
Protocol
H3
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
bb2ec4fee8684fdf2d725fb75a78581ded613b3fff49f8b1f20fae91db208c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:53:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Oct 2009 21:11:53 GMT
server
pfe
age
683
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Sun, 12 Jun 2022 06:23:12 GMT

Redirect headers

date
Sun, 12 Jun 2022 05:52:53 GMT
x-content-type-options
nosniff
server
sffe
age
702
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/images/look/cse_theme_shiny_form_bg.png
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
263
x-xss-protection
0
expires
Sun, 12 Jun 2022 06:22:53 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 05:46:24 GMT
x-content-type-options
nosniff
age
346691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 08 Jun 2023 05:46:24 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 12:42:21 GMT
x-content-type-options
nosniff
age
62534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 11 Jun 2023 12:42:21 GMT
generate_204
clients1.google.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-55911075-2&cid=652542782.1655013875&jid=800395836&gjid=1721916004&_gid=1077460572.1655013875&_u=YEBAAUAAAAAAAC~&z=342833595
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.allspots.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 12 Jun 2022 06:04:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.allspots.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.allspots.com&callback=_gfp_s_&client=ca-pub-0149528545016404
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
016ed5402d1ba36a0fe71dc78ce8ba1ec770120c93fd4bbd659489431f31fc28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.allspots.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.allspots.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 06:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.allspots.com%2F&tn=NAV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 19C7 		135 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&adk=1812271804&adf=3025194257&lmt=1655013875&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.allspots.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875337&bpp=3&bdt=290&idt=182&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=647903484125&frm=20&pv=2&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1cb6f5c7de11b123aac833daede5338ec2d9f4e9a3341b57b4401ed84d37910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
44786
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 06:04:35 GMT
expires
Sun, 12 Jun 2022 06:04:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 50CF 		72 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5e789a7f7f0879a52ea91f43f8cd4ce0ebbbe9bf595ddbad663612ff285b55a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30949
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 06:04:35 GMT
expires
Sun, 12 Jun 2022 06:04:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55911075-2&cid=652542782.1655013875&jid=800395836&_u=YEBAAUAAAAAAAC~&z=1004265874
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55911075-2&cid=652542782.1655013875&jid=800395836&_u=YEBAAUAAAAAAAC~&z=1004265874
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F4AD 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY9a7WyAEwAQ&v=APEucNV1VUQuuDqnWTK_ZbIFr2667nwp_UTAoUBt1nffqCijPIXjZPx2T7mJxtTdW_yPqWYcPEGeMC3qYtUv5C96uWNBaDgmlPxa2Gv8kaqt0Y9KuEnRerSdc5cr0I4qwecMQxhRxxaVU38zTYeSQxmOPEWjAUEWa8lMOf_BmOOQ4HAMdP7HaRU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 06:04:35 GMT
expires
Sun, 12 Jun 2022 06:04:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame 37DE 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite_fy2021.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5820
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
server
cafe
etag
13623652577628218544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:27:35 GMT
3245378803587219329
s0.2mdn.net/simgad/ Frame 37DE 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3245378803587219329
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6494a5af4263baa128cb8d1260cfeb6913b30f23423c75de5df769372dd7d163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 07:15:40 GMT
x-content-type-options
nosniff
age
514136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53560
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 13:25:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:15:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/ Frame 37DE 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 05:34:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 37DE 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZ5p8w_N0Zv9ZgG-wu_HByZ5_8QOb7BIFp1EiW3U_BECQF0Il5Hx6Dij6tqVoQRrA1U8tEr2JAqKeUvtcr8ATHx6w5PyFBCUjuaTIQzgkCUUPtIz5FxvghEKdH9vNrS8rheCQkrYHEjNn3lXEp8rEBvcEReE-vJqk6erYQ-ufa7Mn2aLMuamq1D-OlX36V809byp3Q52ZJivK017Ipw1B-0KDLCKWyNVAoxnZ_MRjyvP8enxegxyMd6eP5U0eI0paAc6Ot9xDk-lOpg7ry1bvwuUyiS1ELREUNbMdJ5S5BMmxc2PZ8hFCWuIE41zSVOA3Doy5Vm8hcm1pem8x_u_4tg7AVArTwrIBvnvtyPAGwLljPywcXvI_K8V4j0vXITYTjy8NHMvgou_FJBbnn3f_IbBADF5kvzPtQYkD3eE9V28mfPo-bFtCqH2Na7t6m5DTzOg3R8ybwthSfyTV2jk_iJe8RA0vadNRH0bLY-lrdTLfwoY_lTmTv6yvJoEAg0MMiG7IV6FJCLRxwlth4lbQTebv7WK8YPU_JD0kz647MfsrqlIMlq5qX1UVswyb-EnEiGjWZOsfWshSoRBQPpO2FGZnYe3J9LurPmJdWUZ0OeY8EqibdPPLo8gcUwkBEk_B4W3E0oUNpCgdOlHzzPIoxfontrr3wObdgWnTllbNfiYxLF941FHRSyPyCg7HDEkZ0h3-5lvzwo-kfL7ejipJyHG2QHDp2DwzA42JU0GqyGXvUR_GiIa5WknmbKRToLPVCG36L4cz3rw7XF4NPzpOd4etuVW8ZH8p3Z-TWbDF7AnFX2pJJjkfJn03HoIlGV9z3Cjte_lvnK1a8axrlYsbSMMEUdYirmsPf8pXs0ZIybfx2eqkcjjk2nKZvOG4-ijN8pv3qBhC2AzRo10uwOSZ5GSyneHchOuJBdlIK0LbQHhQPXFgxxL_CCwzJ1zVJKZS5_rZs0gNhLxX-j8nugVIano5RHtvcx6qOSC2RLX2UgIjBB0Enw8dmD0djp7pSnzDKE033h6Ge2ToOoO3Z9fzsz5SUoJn6TV-yko5Oci74PCV6XeFmTx8xAlZicqcUJ0ptsLhO-q-IMsIu6Lbbt9_ilFPPfhvAguY1do6_&sai=AMfl-YRfM0mDbKr55RwOt4PadZ_e45bLllyJ-PT7mGBjn-tBBDjux1e58AMEBzNyNZGCoD_OfzRefbhO2MM5OFAicKt204tEOouhgBwJF-K3GDAVJyt_5FB19rzOL7D44mOE6hfBVrIiNE2p-kZkUYQSGkw8QilqUGflcKjnomm57_3Nm_To-FMqwlY&sig=Cg0ArKJSzKl4nXELbBWIEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220608.86465&adurl=
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 12 Jun 2022 06:04:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 37DE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 11:41:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Jun 2023 11:41:24 GMT
B27528274.333907589;dc_pre=CN7cuJGfp_gCFdGAewodsv4AeQ;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/ Frame 37DE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/B27528274.333907589;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/B27528274.333907589;dc_pre=CN7cuJGfp_gCFdGAewodsv4AeQ;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;ta...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/B27528274.333907589;dc_pre=CN7cuJGfp_gCFdGAewodsv4AeQ;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H3
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N418801.3023564SEEDTAG-FR/B27528274.333907589;dc_pre=CN7cuJGfp_gCFdGAewodsv4AeQ;dc_trk_aid=525843896;dc_trk_cid=170089770;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1007717/62211789/ Frame 37DE 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1007717/62211789/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.65.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-65-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
acff014e5d566e28e7367ed157b7d5a489a42cdda33067b9a43eb5aea83e526e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 37DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 06:02:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37DE 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 06:04:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 37DE 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 06:00:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37DE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDbF2C9M_zXY_stDBhlOdo8YsCQZS69nwV2bzzhGnPx1WwngZVFs6DpFfX674frtLZ9Un_KybC09d41kTB-d25DVRGHjcucB6W13RKomJvo-NfNhw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/reactive_library_fy2019.js?bust=31067972
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3d49d4144f4fcdb81deceafe5bf0adc9221c50b48d131ecf72a4ee23f9fa573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54420
x-xss-protection
0
server
cafe
etag
15313204978953455773
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:04:36 GMT
rum
dsum-sec.casalemedia.com/ Frame F4AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1&C=1
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY9a7WyAEwAQ&v=APEucNV1VUQuuDqnWTK_ZbIFr2667nwp_UTAoUBt1nffqCijPIXjZPx2T7mJxtTdW_yPqWYcPEGeMC3qYtUv5C96uWNBaDgmlPxa2Gv8kaqt0Y9KuEnRerSdc5cr0I4qwecMQxhRxxaVU38zTYeSQxmOPEWjAUEWa8lMOf_BmOOQ4HAMdP7HaRU
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 12 Jun 2022 06:04:36 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sun, 12 Jun 2022 06:04:36 GMT
rum
dsum-sec.casalemedia.com/ Frame F4AD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqWB9KXBGKlJdCUwhU5mBgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY9a7WyAEwAQ&v=APEucNV1VUQuuDqnWTK_ZbIFr2667nwp_UTAoUBt1nffqCijPIXjZPx2T7mJxtTdW_yPqWYcPEGeMC3qYtUv5C96uWNBaDgmlPxa2Gv8kaqt0Y9KuEnRerSdc5cr0I4qwecMQxhRxxaVU38zTYeSQxmOPEWjAUEWa8lMOf_BmOOQ4HAMdP7HaRU
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 12 Jun 2022 06:04:36 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHMZ9KHjc-JzvXk54kY85k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F4AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKyiLhEndEjpUtq14k909OM&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKyiLhEndEjpUtq14k909OM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY9a7WyAEwAQ&v=APEucNV1VUQuuDqnWTK_ZbIFr2667nwp_UTAoUBt1nffqCijPIXjZPx2T7mJxtTdW_yPqWYcPEGeMC3qYtUv5C96uWNBaDgmlPxa2Gv8kaqt0Y9KuEnRerSdc5cr0I4qwecMQxhRxxaVU38zTYeSQxmOPEWjAUEWa8lMOf_BmOOQ4HAMdP7HaRU
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:36 GMT
X-Proxy-Origin
92.222.212.18; 92.222.212.18; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3622f179-451a-474a-a1fd-1fa2de0260c4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKyiLhEndEjpUtq14k909OM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F4AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MjUwMTY2ODM0MzI5MTA5MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MjUwMTY2ODM0MzI5MTA5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY9a7WyAEwAQ&v=APEucNV1VUQuuDqnWTK_ZbIFr2667nwp_UTAoUBt1nffqCijPIXjZPx2T7mJxtTdW_yPqWYcPEGeMC3qYtUv5C96uWNBaDgmlPxa2Gv8kaqt0Y9KuEnRerSdc5cr0I4qwecMQxhRxxaVU38zTYeSQxmOPEWjAUEWa8lMOf_BmOOQ4HAMdP7HaRU
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 06:04:36 GMT
X-Proxy-Origin
92.222.212.18; 92.222.212.18; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d61d30b-929c-4e89-b24c-2471a788e946
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MjUwMTY2ODM0MzI5MTA5MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.allspots.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 06:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.allspots.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 06:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/ Frame 62E4 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
43785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 17:54:51 GMT
etag
14734731752043123527
expires
Sat, 25 Jun 2022 17:54:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0FFD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
152592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 11:41:24 GMT
expires
Sat, 10 Jun 2023 11:41:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/ Frame 43F5 		2 KB
899 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d29dc101d74c35f7abcbb4fe6954b16b49e4cb394da2e9ada996a4e96b90903d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
174072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
869
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 05:43:24 GMT
expires
Sat, 10 Jun 2023 05:43:24 GMT
last-modified
Fri, 18 Mar 2022 09:46:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B27463676.331655781;dc_pre=CIaqvpGfp_gCFQKedwodsAACTA;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 62E4
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27463676.331655781;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
  • https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27463676.331655781;dc_pre=CIaqvpGfp_gCFQKedwodsAACTA;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27463676.331655781;dc_pre=CIaqvpGfp_gCFQKedwodsAACTA;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27463676.331655781;dc_pre=CIaqvpGfp_gCFQKedwodsAACTA;dc_trk_aid=523480262;dc_trk_cid=168269006;ord=400190837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 62E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQA1a84GlYvWkJtyFwuIP7-mW4A6Ozr3_adyUr_6yD8KAtKffHhABIP2D9gFg-wGgAfS4v8UDyAEJqAMByANIqgTWAU_Q1ZjAeSuPQJ0AJ9Lh7HfW1IUw_YEdBgFaSGB0xz3ad1jw7pxX8pOYgbCXSV061QjQh7Bp9dd_AppMN6YYvHqxlQak9lol6pAeEjFsyPABZ-afHp4yE-wY09GRpjaoKdESKIRMrGvm8PPFFsPVHZu9Z3eXSHCKx0n4E6Ot3uRt-RFIT9HWQve9LTRgaCsrp4w4_M5Bbf9VEmoefZ2GsOXtJ4BUFeHTwPh6DaWft2nK2MAHdm-0JVzDXOHbuvmtjm1SzlguFyILmBaiubEq3Zer5cQa9cnABKDw9dKMBJIFBAgEGAGSBQQIBRgEoAYugAeQ0sOlAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI-rDdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0wMTQ5NTI4NTQ1MDE2NDA0GAA&sigh=a70faNmZumY&uach_m=[UACH]&template_id=419
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 12 Jun 2022 06:04:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame 62E4 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 05:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
server
cafe
etag
13623652577628218544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 05:53:10 GMT
main.gr.19.8.316.js
static.adsafeprotected.com/ Frame 37DE 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.316.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1007717/62211789/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac9735bf2e45c6a7e0813911d309bc736b93daada029937eba6b4225e3ac6934

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:53:49 GMT
content-encoding
gzip
age
731448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 03 Jun 2022 16:33:05 GMT
server
AmazonS3
etag
W/"4d520be62bef0cc0d7164fce2525c327"
vary
Accept-Encoding
x-amz-version-id
OpNA3YhBEsD2NkM7cHthafiM7bqSj2wQ
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P7
content-type
application/javascript
x-amz-cf-id
x3_3xw_9s_dVwkpWKoZmcesjckY_Ms3p9_kEas7qGDoKlth1nV68Eg==
truncated
/ Frame 37DE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8da5adff23cfa23582f6dde18d58217204665b2baaba2c2e54525edf4f79de9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 37DE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZ5p8w_N0Zv9ZgG-wu_HByZ5_8QOb7BIFp1EiW3U_BECQF0Il5Hx6Dij6tqVoQRrA1U8tEr2JAqKeUvtcr8ATHx6w5PyFBCUjuaTIQzgkCUUPtIz5FxvghEKdH9vNrS8rheCQkrYHEjNn3lXEp8rEBvcEReE-vJqk6erYQ-ufa7Mn2aLMuamq1D-OlX36V809byp3Q52ZJivK017Ipw1B-0KDLCKWyNVAoxnZ_MRjyvP8enxegxyMd6eP5U0eI0paAc6Ot9xDk-lOpg7ry1bvwuUyiS1ELREUNbMdJ5S5BMmxc2PZ8hFCWuIE41zSVOA3Doy5Vm8hcm1pem8x_u_4tg7AVArTwrIBvnvtyPAGwLljPywcXvI_K8V4j0vXITYTjy8NHMvgou_FJBbnn3f_IbBADF5kvzPtQYkD3eE9V28mfPo-bFtCqH2Na7t6m5DTzOg3R8ybwthSfyTV2jk_iJe8RA0vadNRH0bLY-lrdTLfwoY_lTmTv6yvJoEAg0MMiG7IV6FJCLRxwlth4lbQTebv7WK8YPU_JD0kz647MfsrqlIMlq5qX1UVswyb-EnEiGjWZOsfWshSoRBQPpO2FGZnYe3J9LurPmJdWUZ0OeY8EqibdPPLo8gcUwkBEk_B4W3E0oUNpCgdOlHzzPIoxfontrr3wObdgWnTllbNfiYxLF941FHRSyPyCg7HDEkZ0h3-5lvzwo-kfL7ejipJyHG2QHDp2DwzA42JU0GqyGXvUR_GiIa5WknmbKRToLPVCG36L4cz3rw7XF4NPzpOd4etuVW8ZH8p3Z-TWbDF7AnFX2pJJjkfJn03HoIlGV9z3Cjte_lvnK1a8axrlYsbSMMEUdYirmsPf8pXs0ZIybfx2eqkcjjk2nKZvOG4-ijN8pv3qBhC2AzRo10uwOSZ5GSyneHchOuJBdlIK0LbQHhQPXFgxxL_CCwzJ1zVJKZS5_rZs0gNhLxX-j8nugVIano5RHtvcx6qOSC2RLX2UgIjBB0Enw8dmD0djp7pSnzDKE033h6Ge2ToOoO3Z9fzsz5SUoJn6TV-yko5Oci74PCV6XeFmTx8xAlZicqcUJ0ptsLhO-q-IMsIu6Lbbt9_ilFPPfhvAguY1do6_&sai=AMfl-YRfM0mDbKr55RwOt4PadZ_e45bLllyJ-PT7mGBjn-tBBDjux1e58AMEBzNyNZGCoD_OfzRefbhO2MM5OFAicKt204tEOouhgBwJF-K3GDAVJyt_5FB19rzOL7D44mOE6hfBVrIiNE2p-kZkUYQSGkw8QilqUGflcKjnomm57_3Nm_To-FMqwlY&sig=Cg0ArKJSzKl4nXELbBWIEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=194&vt=11&dtpt=193&dett=2&cstd=0&cisv=r20220608.86465&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.allspots.com
URL: https://www.allspots.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 06:04:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 43F5 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 43F5 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 23:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 12 Jun 2022 23:30:04 GMT
lottie_light.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/ Frame 43F5 		179 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/lottie_light.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d386d1935249c8bb044bbbb3bef0d855a2260709f4a956048ba92922e39d1682
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
178018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49382
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:46:31 GMT
server
sffe
date
Fri, 10 Jun 2022 04:37:38 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Jun 2023 04:37:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 71A0 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
2296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 05:26:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 62E4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 06:02:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62E4 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 06:04:36 GMT
CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
pagead2.googlesyndication.com/bg/ Frame 0FFD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 05:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
88769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Jun 2023 05:25:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 71A0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 06:04:36 GMT
expires
Sun, 12 Jun 2022 06:04:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 06:04:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
data.json
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/ Frame 43F5 		158 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/data.json
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/lottie_light.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cbb0e2ba0e6ae7bef3429d447b0f5eea6f016fe3f88188c202681ef9636a17e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
178017
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18611
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:46:31 GMT
server
sffe
date
Fri, 10 Jun 2022 04:37:39 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Jun 2023 04:37:39 GMT
skeleton.js
static.adsafeprotected.com/ Frame 37DE
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1007717/62211789/skeleton.js?adsafe_url=https%3A%2F%2Fwww.allspots.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.allspots.com%2F&adsafe_type=c&adsafe_url=h...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Server
2600:9000:2491:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
age
10080393
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
bSCN7Vv6zZHCqdS-vKF6KHwCDso-uw05sTElysemr_6mxd1edcW5BQ==

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 0D76 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
2323803
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P7
content-type
application/javascript
x-amz-cf-id
0DBbl8ToxJfd9rcTFcmhKdePLBjrVLMRz62VvukOdPnoJH8H3C2lHw==
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIW6H,pingTime:-3,time:208,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:184%7D,%7Bpiv:0,vs:o,r:l,t:207%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:208,n:207,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~1,0~0%5D,as:%5B35~728.90%5D%7D%7D,%7Bsl:o,t:207,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIW6J,pingTime:-6,time:210,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:210,n:207,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~1,0~0%5D,as:%5B35~728.90%5D%7D%7D,%7Bsl:o,t:207,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:www.allspots.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
pagead2.googlesyndication.com/bg/ Frame 43F5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 05:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
88769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Jun 2023 05:25:07 GMT
img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/images/ Frame 43F5 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/images/img_0.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e6e1dc12ddd8400b414ba099ff0938a243932c5191c45fac0b9755b03a6b2d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
178017
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72035
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:46:31 GMT
server
sffe
date
Fri, 10 Jun 2022 04:37:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Jun 2023 04:37:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 62E4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 06:00:50 GMT
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIW7T,pingTime:-2,time:282,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:19,bdZ:149,beA:171,beZ:172,mfA:339,cmA:340,inA:341,inZ:345,prA:345,prZ:349,si:356,poA:357,poZ:372,cmZ:372,mfZ:372,loA:380,loZ:383,ltA:452,ltZ:452%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.108,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:184%7D,%7Bpiv:0,vs:o,r:l,t:207%7D,%7Bpiv:100,vs:i,r:,t:278%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:4,o:278,n:207,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~1,0~0%5D,as:%5B35~728.90%5D%7D%7D,%7Bsl:o,t:207,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~728.90%5D%7D%7D,%7Bsl:i,t:278,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~100%5D,as:%5B4~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:95,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 62E4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
841e93cdda56cb9737674b3ca2932c8e4289828ea45158c5101ad9476a985724

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FFD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bi87y84GlYoinJs_Otwf6irxIAAAAADgB4AQC&bg=!DA-lD0vNAAaJfvByqX47ACkAdvg8WmNXBqLfrbSZWlDxK35ee3BhrgORoj5a-ovCJav7rO62mPhhtAIAAAEcUgAAAAFoAQeZAvObrXQ3BJcRQKd8jqR-uY5Nj3_sWqiCJay3IjZKEzQF3R9IVRHBobhDDmPOPNj2rAfRPDTgSe2WhT84VGHDUpiJFBf7xJWLGM9Q8wsGOgYQ74GzDrhx8cap7dUEOYcQIcLUkylcC4WNEJp0aWo55D6bV9nzCHfn-SNOuQ9_hkCR_lSLF7wnP2tQmDQJQ8OSuaauJenjI5p89MZZQOv14Op3clCMg-qGe93KvJ5UdKT6pRGwryjFVtr1Ra0XZBGcX7sNOqsvXNQD3szTYigb2d3BFpsr6rsncJE3A6AXNK7wIJyjfnlY2eBeb_H0ZHh5LAB7UUGe8qtBrPsApg3x-RCUH1klxjkUkURPSGPWNQ8EEToq6SYJa3Uww9V3917vbMGwbKZnhs1A09NKURivc3h4htpmQ1QTYwcNq8zv-BehwDpOdLP3eLzzkCau9YN-On5UlF9tJDLHL755EW8B9KYlysGdLYxZVL3vQdrO0hSREhwSZEyJgC6FeWmWjQdOHy5kjnN0vGaN_z-KRDFyrbqkGSV0eh8RwIVm0Q0-Ik3XZwtawMX1oJCGH5x2iGypG7g1h9owGTHLPkE2fHa2YUXJuDusLr8Bglr0C4QJecM-EJW4jh6wOHxQ5IVt-IdRkzkcEdbkSma6ZR-NZa-vqPQMZvo26csGZEAtXFljD4_37l4PSLO8lOVF9cS1oCg7V-XoVtYmE-NcN6pibYDkHODSMB4_k-16ypmM1tqly65d_zMTjqtgHxKyeveGZWksYHqyaDGb0U1_9I0ZN8RA3YCqCWR7zxEeXkZNUc0aPnuTISGc9nfGPs3QOnAEAKGzPq_HhoFUBlBOmpjIBPiVRORWFe2OYF6bQeI53pcrljZ_yOLHjYx4cOLcoPFaM96TycL7iT_Z5MDOCdnuQPw7h5bIWAtnP1QQckynpzWo8sVnt8bruwEDsxuWCgWR5OzTJWE81xsH89oQYTQxeAVAKDrk4oR9m8E0HT5mMG8c17dd3iVWNw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIWae,time:427,type:e,im:%7Bimprf:%7Bttecl:525,ecd:117,tsecr:70%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:149,o:278,n:207,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~1,0~0%5D,as:%5B35~728.90%5D%7D%7D,%7Bsl:o,t:207,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~728.90%5D%7D%7D,%7Bsl:i,t:278,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B149~100%5D,as:%5B149~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIWdT,pingTime:-10,time:654,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMi4wLjUwMDUuNjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1655013876772%7C%7C862a4bfb34cc461c878528e1ca75d21a%7C%7C964e3af713011c1f80eb8ddd3aa7991e%7C%7Ce9bfad0c4b2f6f7107bf12279797e5c3%7C%7Cd99032e4ba17bb3d7b3d057ff897cc18%7C%7C85615ca740a9cc2ed545413035fa7453%7C%7C8be1c30db7092e00900b0b70bc7aec95%7C%7Cd52b5e181d2f2475de6583313084a7dc%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0149528545016404&output=html&h=90&slotname=9971816417&adk=3463480156&adf=2187122167&pi=t.ma~as.9971816417&w=740&lmt=1655013875&rafmt=12&psa=0&format=740x90&url=https%3A%2F%2Fwww.allspots.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655013875340&bpp=2&bdt=294&idt=204&shv=r20220608&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=647903484125&frm=20&pv=1&ga_vid=652542782.1655013875&ga_sid=1655013876&ga_hid=2072708154&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=333&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067628%2C31067972%2C44765403&oid=2&pvsid=4035116351011925&tmod=1131951061&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5P469uqJ1v&p=https%3A//www.allspots.com&dtd=209
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:36 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
like.php
www.facebook.com/v2.3/plugins/ Frame A816 		47 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=415201545271579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dda15194e599c%26domain%3Dwww.allspots.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.allspots.com%252Ff233092c97a6694%26relation%3Dparent.parent&container_width=320&href=https%3A%2F%2Fwww.facebook.com%2Fallspotsjo&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=182
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=aab46514a4f8871236bfc5aac78ebe23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f2d5487d481cccaa9a4d6b4c107a65fc6799327b0305f309c736eabfe1eb8b1
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 12 Jun 2022 06:04:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v7.0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ZjXDR3vqQ8Q2sNRO7V3R8CvMXDTlkFDW0/hFLxvlRUPoJZl90Jk/i/OTvU8ehg4qo6Qw4EUKQMnslHCyU3gcZA==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220608&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
609706c9295f5a1256271763b95200102c5d811956b6b889bd32cd71a1948037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 06:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10514
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0149528545016404&plah=www.allspots.com&bust=31067972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 06:04:37 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame A816 		400 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=415201545271579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dda15194e599c%26domain%3Dwww.allspots.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.allspots.com%252Ff233092c97a6694%26relation%3Dparent.parent&container_width=320&href=https%3A%2F%2Fwww.facebook.com%2Fallspotsjo&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:37 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
400
x-fb-rlafr
0
x-fb-debug
QMOI3ARNtSpabdbsGJ1IzWYD/C+eH6vPcL/Qw2GKSW8j94DI88NuwL07y40pfKhylxlXRnw2LCzzd+VX+HyfvA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 11 Jun 2023 00:08:41 GMT
Zt3iMaoIOwM.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ Frame A816 		526 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/Zt3iMaoIOwM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=415201545271579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dda15194e599c%26domain%3Dwww.allspots.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.allspots.com%252Ff233092c97a6694%26relation%3Dparent.parent&container_width=320&href=https%3A%2F%2Fwww.facebook.com%2Fallspotsjo&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9383f0136fa373015213e3cc44ba1951d2ebb00283aaee029a9a184d978d5384
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yY3jGV/I9mMKEFPr+stcog==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
140031
x-fb-rlafr
0
x-fb-debug
ULYVrdeNpyiNEgDSir2TZn/778m7wwtyQsm+Ttl0Vj+eCAOW83F/2QJweMgWMeYsljVNR8D/rHoryg5KbicqlQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 10 Jun 2023 21:34:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78F5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
1086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 05:46:31 GMT
expires
Mon, 12 Jun 2023 05:46:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 22E3 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7bd0b6695dad10a7996a7a1c088d77e6968529cb166013eafa15a0378a63d01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vA-wjAXwZc-QLDLbcZldAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.allspots.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-vA-wjAXwZc-QLDLbcZldAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 06:04:37 GMT
expires
Sun, 12 Jun 2022 06:04:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
pagead2.googlesyndication.com/bg/ Frame 78F5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 05:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
88770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Jun 2023 05:25:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 22E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220608&jk=4035116351011925&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
cavalry_endpoint.php
www.facebook.com/common/ Frame A816 		67 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1655013877169&t_start=1655013877170&t_domcontent=1655013877192&t_layout=1655013877299&t_onload=1655013877299&t_paint=1655013877299&t_creport=1655013877299&t_tti=1655013877192&lid=7108230477954045816-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=415201545271579&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dda15194e599c%26domain%3Dwww.allspots.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.allspots.com%252Ff233092c97a6694%26relation%3Dparent.parent&container_width=320&href=https%3A%2F%2Fwww.facebook.com%2Fallspotsjo&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=182
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
tbuqU5v1YpjRSI9hEY0hzbm674hdhOKSAWaNGL/cPlUUeKN0NHxhbE91V3g/8ijz8gQR/bE5p8DTT7x2ogh3aQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 12 Jun 2022 06:04:37 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 78F5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gUx1JA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 06:04:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIWnY,pingTime:1,time:1279,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:184%7D,%7Bpiv:0,vs:o,r:l,t:207%7D,%7Bpiv:100,vs:i,r:,t:278%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:278,n:207,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~1,0~0%5D,as:%5B35~728.90%5D%7D%7D,%7Bsl:o,t:207,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~728.90%5D%7D%7D,%7Bsl:i,t:278,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:240,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:37 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 37DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007717&asId=d544c893-970f-3ce2-4478-0e089ca2f3ee&tv=%7Bc:fiIWnY,pingTime:1,time:1280,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:184%7D,%7Bpiv:0,vs:o,r:l,t:207%7D,%7Bpiv:100,vs:i,r:,t:278%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:1,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:278,n:207,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~1,0~0%5D,as:%5B35~728.90%5D%7D%7D,%7Bsl:o,t:207,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~728.90%5D%7D%7D,%7Bsl:i,t:278,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:240,fm:t8wlyPt+11%7C12%7C131*.1007717-62211789%7C1311%7C13121%7C141%7C142,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.218.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-218-67.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:37 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 62E4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIvVqp8SRKgzJHkz2dylWo41zcjIZew8HBcRgX359ZBAdxEiCCguMWidbaRQifpKHgWMmPfJWfdoJX88GkEtyoDamNx_RLFifsAFPhfWnC_xoKDWwTlPDs_UhI&sai=AMfl-YQn9DcD6zdBEfoVvlSSNivWv7oLEOw8Z1JMXnUdL1ZSs0mAp8gMKxHNabdOXFkfxUIYH2lPwZRJUyRD&sig=Cg0ArKJSzAnWwy3YRp1YEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,764,1000,1095,1095&tos=0,764,236,95,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655013876059&rpt=292&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 37DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss28mApcgIuU2H27PhhGzOqJ0Ctd716j7kB9OpKLWzgUHm459J2kSub_gkiSXQOXh3k4o2EXsbEYwlhBmWhpslIwW0adOwszgP7WfYYcv8aoGQ&sai=AMfl-YRM4XxjRrOXQMtiw5wxw_4UxF-uAcplLuKJzEOxWilRYcqJLsr2S2WEy9_mR0-Wi9LnPg2kyB5vBrNQ&sig=Cg0ArKJSzId89eVtgXUCEAE&cid=CAASBORoPAg&id=lidar2&mcvt=1001&p=0,0,108,728&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=3463480156&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655013875949&rpt=545&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 06:04:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220608&jk=4035116351011925&bg=!iomlic3NAAaJfvByqX47ACkAdvg8Whw5xadxxlEOeEEu7SQ7aUxv8_35PdoR6JVkYLaUIYodkFBDAgIAAAB1UgAAAARoAQcKAHlht-14dZGAe9M7ImaTeEF2dUkIQkrHZJdSycBtBCrDbz9d9zMRqnFivkIitWN7rMXSI_L2AT7E6NaJo3efQoFZZIowQhA-S7Jn4dOMhaiAFa9FXfQuaRCV-3U-mRPxG_qJIto1QyG_nWRLnWDcVklMGdugGFAruoxxmQKiX4u8TmGtRmYVCGOIP-DEnzouE0GjgmU4dM_vqh6zXTz_m3-YLHeSkfWW8odRWjGm_sqKJ_wnPlR2DBbOKw26Bx9tNEI1_htxLISEKUoom7pynj5VND0B95REHeb-zfrxhueHMc-TEZznGdfotkZ35QPt6j809d0WHUOhgeLArWonE71z2ygHkneVyqGJWC0gGbRwXcRy1H6u3_G2aHWVx9Hn3G4SgSyw3CvGDQh03wOqfU8Ik_Jm0MLK9fOf4eSxFLEwJ6DwrSWwqkgarQTfE5mVqRnbeCiC-82xhWSLOUfT6X6vTXhqTFCtqosgRuLrfHN24Gc1wZK7kRAxdw-noSs-JS2Et-J-WFQqEAeKKpm_Ka91S2Cw7tQ_YIcQVDJIbDKHmJDnaKeXltWYS6i1C96PZBv8HqZmDMsjckajTFdYNVNEu_LfZtSFJ22wer-n0PMvucwREvTkhb2Z7i17tyWLQIQnHI6m8zLknv0Bl9FMiNVW232aJtJY6TJP88_9jfKvMYbn4Hx0Pzi9EZtOgWGfqqFJW5E1ACQl9Wqcwzs7RCW2KV3ITkFqH_he3MWUfDSfjatDBbG5JPeoiiPLzG1HcLEqX6SbJ8sAdtY0l0zg4a2rScckS7KUD4ux2OKVKodv2P8JDW0NvN-Wl2ErresA9bkjbNzM793gpfBqCHXVgY0BMPCJ5cc0n0VIP7QHAmsREdcMcoDqMeDC99wYDDb7EKEuacjbcqDHhZNA8KclYF9ng0J9PX6bAJKatx7EVFpunuSY3RMI0exG21GtygBNSvURfjz3wkhmoPIAaJwbchP1DB59O2gIMSYosEpY9zjsOKFkUYPOyDWD5wEU6GNiBmBHMF2hkl7HuB_aAT-ZhgKWuSKuxo8xkwotbkBUVes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.allspots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| CookieBanner function| gtag object| dataLayer object| adsbygoogle function| $ function| jQuery object| jQuery111107979996145049308 object| FB object| __gcse object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| googleNDT_ number| googleAltLoader object| google_llp object| googletag object| GoogleGcLKhOms

14 Cookies

Domain/Path Name / Value
www.allspots.com/ Name: PHPSESSID
Value: 8vvjeal30dftvl8l2useto2i81
.allspots.com/ Name: _ga
Value: GA1.2.652542782.1655013875
.allspots.com/ Name: _gid
Value: GA1.2.1077460572.1655013875
.allspots.com/ Name: _gat_gtag_UA_55911075_2
Value: 1
.allspots.com/ Name: __gads
Value: ID=7e8c45d0ddc986ef-226e70e2aecd00f5:T=1655013875:RT=1655013875:S=ALNI_MaGRo2y0C2woBscFyZPAjIElZZfNw
.doubleclick.net/ Name: IDE
Value: AHWqTUmgfmqnri5cjkUbBlk5cVRl7XvxUPrvr6J5lCoRfIUXeCHxGwLLuAHpuwFv
.adnxs.com/ Name: uuid2
Value: 8272501668343291091
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImIMIf8d!@wnfH8K6pQK`!5=E<*L5?%Lp4AMZl5*zu.]!#iJi-S(ridS?lA8_fG`(MoW%nugO%v4VB%nmsm)wd38
.casalemedia.com/ Name: CMPS
Value: 5154
.casalemedia.com/ Name: CMRUM3
Value: 2d62a581f42760
.casalemedia.com/ Name: CMST
Value: YqWB9GKlgfQA
.casalemedia.com/ Name: CMID
Value: YqWB9JBoU0u-5YsGJnLEQAAA
.casalemedia.com/ Name: CMPRO
Value: 5154
.doubleclick.net/ Name: DSID
Value: NO_DATA

2 Console Messages

Source Level URL
Text
network error URL: https://www.allspots.com/jo/directory_style.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found !)
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1157848262867583707/banner/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.fr
clients1.google.com
cm.g.doubleclick.net
connect.facebook.net
cse.google.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
jordansun.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
s0.2mdn.net
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.allspots.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
142.250.185.130
142.250.185.226
142.250.185.70
142.250.186.98
185.33.221.90
2.20.157.55
212.83.165.65
2600:9000:2491:c200:8:48e:53c0:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
44.237.218.67
52.31.65.246
016ed5402d1ba36a0fe71dc78ce8ba1ec770120c93fd4bbd659489431f31fc28
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9c53bc80ff7e918204894fa5c41f6f4180af4e8ad95958940fc0a8389b0a39
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
29f79d0bd6c34afb2c6ab2be298bd3ea49f34d2fa68c5df157b29ba53eeab574
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3d1cab466ceafc0f6e107cab0682de636681d30173b57bcca4798292fe51c75d
3fbc5befd997e502996d5295700a9f1969e1bf703506b85ecd2579b5f16da393
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
47a95b9c80e48085817826dcdec6f13ffe3c0e5002e21672e0c87bda788ad6a2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cbb0e2ba0e6ae7bef3429d447b0f5eea6f016fe3f88188c202681ef9636a17e
601b63ad2d77fb7eee00d91d5017a18324bc8f0ef2e78321154e0be00212f924
609706c9295f5a1256271763b95200102c5d811956b6b889bd32cd71a1948037
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6494a5af4263baa128cb8d1260cfeb6913b30f23423c75de5df769372dd7d163
76417d7b0ddeca42b2b2552757731b01716b2625217159539f4cf3ade4ad2041
787d45bf8f7c534b3fb1964561b44a8129c29a7195e801edac32a985684fe532
788f3e6bf5896304cb01c05e214709914025fd0cf7988a9171c0b34d21800aab
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
83c15ddd94af921d855c153e98f5b29d9951bdba6f52d703f7662514f7c62725
841e93cdda56cb9737674b3ca2932c8e4289828ea45158c5101ad9476a985724
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
8e0668791190cc528ee418afc8079ac06c55ef83ec7c185b8260fbbb22606980
8f2d5487d481cccaa9a4d6b4c107a65fc6799327b0305f309c736eabfe1eb8b1
9383f0136fa373015213e3cc44ba1951d2ebb00283aaee029a9a184d978d5384
955618f73439d96e75a99cc977d716639affff09c6a9827fd4f491f413eabe2c
98951966920836449d1486596e714bbc87c25bad8c5f4768bab38fb794b92993
995964322398d7c55e6386e1db3f0ce23b2fc9a8ddf03ccc5d6b8e1bed12cba0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3d49d4144f4fcdb81deceafe5bf0adc9221c50b48d131ecf72a4ee23f9fa573
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac42678d1c2ae742a6647891d41e40e6f30fcbf6252ad974e2c1288ee14546e0
ac9735bf2e45c6a7e0813911d309bc736b93daada029937eba6b4225e3ac6934
acff014e5d566e28e7367ed157b7d5a489a42cdda33067b9a43eb5aea83e526e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb2ec4fee8684fdf2d725fb75a78581ded613b3fff49f8b1f20fae91db208c36
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c5e789a7f7f0879a52ea91f43f8cd4ce0ebbbe9bf595ddbad663612ff285b55a
c8da5adff23cfa23582f6dde18d58217204665b2baaba2c2e54525edf4f79de9
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cb1c7ac42d67db1385aa4eb4f30d35c4370bce6c49cfac0559c3a677c564860a
d29dc101d74c35f7abcbb4fe6954b16b49e4cb394da2e9ada996a4e96b90903d
d386d1935249c8bb044bbbb3bef0d855a2260709f4a956048ba92922e39d1682
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
d55933dfacdcdde8973a9496742789ed88c9609c538f8b445dc4624a65186ced
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dda8b8cf3c05e4c1cdcbb445ce14de2114e81c99916aba098d0adaf94819044c
ddca9e0993397f221f8832feaa3e70cc62773d37ebff055bbb33d131267d3e67
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bd0b6695dad10a7996a7a1c088d77e6968529cb166013eafa15a0378a63d01
eabe3b0f33e7f11ddd1acda95923b01d8b08b082afe8f21ef64f9c16d1b3cee0
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee9afbfa9e39ecd4c7b0044e071ff9323c90b549455de1fbd714563020f40dca
eecc562cf373962edfe6719beff72bac1674405277d13b0d94906f1e75a9030f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cb6f5c7de11b123aac833daede5338ec2d9f4e9a3341b57b4401ed84d37910
f5e6e1dc12ddd8400b414ba099ff0938a243932c5191c45fac0b9755b03a6b2d
f89bbf6e96f3ab581d9d82ad9da05b17fa340b4d330d432415e1b394ece12515
fb81496a7caeddd94a64a7b4af4e470868932cd0109ebba9bb62ff1e04affb8f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c