urlscan.io logo urlscan.io
SecurityTrails logo

thefunmedia.com Open in urlscan Pro
37.187.152.183  Public Scan

Go To Rescan Add Verdict Report
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Submission: On February 16 via manual from IN — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 64 HTTP transactions. The main IP is 37.187.152.183, located in France and belongs to OVH, FR. The main domain is thefunmedia.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 31st 2022. Valid for: 3 months.
This is the only time thefunmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    37.187.152.183 (France)

ASN16276 (OVH, FR)
PTR: server72.hndservers.net
thefunmedia.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    78.46.57.120 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de
static.getbutton.io
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
12    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
adservice.google.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 thefunmedia.com
thefunmedia.com
778 KB
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2400
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
87 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
200 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
198 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
10 KB
3 gstatic.com
fonts.gstatic.com
167 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
497 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 getbutton.io
static.getbutton.io — Cisco Umbrella Rank: 33412
85 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 33045
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
644 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
36 KB
64 13
Domain Requested by
19 thefunmedia.com thefunmedia.com
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 pagead2.googlesyndication.com thefunmedia.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 connect.facebook.net thefunmedia.com
connect.facebook.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com thefunmedia.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static.getbutton.io 1 redirects thefunmedia.com
2 fonts.googleapis.com thefunmedia.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com thefunmedia.com
64 17

This site contains links to these domains. Also see Links.

Domain
getbutton.io
Subject Issuer Validity Valid
thefunmedia.com
cPanel, Inc. Certification Authority		 2022-01-31 -
2022-05-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-25 -
2022-02-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Frame ID: FEC82F99AA0E802E27ACD412217A6EAB
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/zrt_lookup.html
Frame ID: 805326B6A7F034E9608B5F4E064B4AEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7835043597913396&output=html&adk=1812271804&adf=3025194257&lmt=1645006004&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthefunmedia.com%2Fnews%2Fhow-often-should-you-change-a-bamboo-pillow&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645006004230&bpp=2&bdt=327&idt=149&shv=r20220214&mjsv=m202202090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=229027494419&frm=20&pv=2&ga_vid=1184431710.1645006004&ga_sid=1645006005&ga_hid=1065944474&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064037%2C31064734%2C44756432&oid=2&pvsid=3115123836891435&pem=797&tmod=837524680&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=364
Frame ID: F91CFCE00D59D2E4AD93448B6C450742
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06D73D5967190E5F55D8944E6C10265D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 452598E1F3D1EDFC3D1CBA5304400A37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Fun Media | Fun Begins Here

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

64
Requests

98 %
HTTPS

81 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

1584 kB
Transfer

2847 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
  • https://static.getbutton.io/widget/bundle.js

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request how-often-should-you-change-a-bamboo-pillow
thefunmedia.com/news/ 		39 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
f3fd4970be1cd380365f16c883835e0e309bb1c913350301739a7328101052dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Wed, 16 Feb 2022 10:06:43 GMT
Server
Apache
Cache-Control
no-cache, private
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		1 KB
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,500,600,700&subset=latin,latin-ext
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 10:06:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 10:06:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 10:06:43 GMT
icon
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 10:06:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 10:06:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 10:06:43 GMT
plugins.css
thefunmedia.com/assets/css/ 		41 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/css/plugins.css?v=4.8.0
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
08961ba3cdaff8805f310eda71633a77f95c7f7a64d42b8943f08d30df6e098e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:43 GMT
Last-Modified
Fri, 11 Feb 2022 22:33:32 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
42289
application.css
thefunmedia.com/assets/css/ 		155 KB
155 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/css/application.css?v=4.8.0
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
8438710548485dc0c5709824849914e19e34162515a63fa610eac65898e7509b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:43 GMT
Last-Modified
Fri, 11 Feb 2022 22:33:32 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
158621
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dea47affe3da615938595eecc86beed099acf4a24f02560263648b79a48af380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53763
x-xss-protection
0
server
cafe
etag
18329938876519234337
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 10:06:44 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-142542491-3
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0114997c33d9d4cb276d7b6ca16556f256d6d43646eb23b7c812f1c07f0a66a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36075
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 10:06:44 GMT
logo.png
thefunmedia.com/upload/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/upload/logo.png
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
b994fd6634419ed1a1bc03336aa89eccbabb0c54522fdb63eb6b45c601eafecd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 09 Sep 2021 15:51:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5789
awesome.gif
thefunmedia.com/assets/images/reactions/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/awesome.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
600435698b750ef494bf5fbc059fe4bd17153bbe0b51f35254a5674bb71e124f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
63125
nice.png
thefunmedia.com/assets/images/reactions/ 		700 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/nice.png
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
3c2cf55dae85811f736d87c002859a73529ceb34e8cf16c43be205788c77c98d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
700
loved.gif
thefunmedia.com/assets/images/reactions/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/loved.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
e72e42403f1f06779f09726c07dd821f30aed47f547718f4a4f6ef02440513da

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30953
lol.gif
thefunmedia.com/assets/images/reactions/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/lol.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
abcad11d69fee631ef76cb7f7b689b6bbf3d544f73acdd2f800ad9cad81a96d5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
75056
funny.gif
thefunmedia.com/assets/images/reactions/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/funny.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
f9ae1675c51eea5813272207d499e4689149e14c7004ae8626b37c53ac83bb4d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
27701
fail.gif
thefunmedia.com/assets/images/reactions/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/fail.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
2d9658f0beb42c51c23209cb6b9ccf42b340a92cf1aae6d8931bb064549dfbb9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
41552
wow.gif
thefunmedia.com/assets/images/reactions/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/wow.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
2e621cc8d62e48e0149ef50fffd655cfc53e57b8abc8f9d5035c7a4b50921d18

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8889
cry.gif
thefunmedia.com/assets/images/reactions/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/reactions/cry.gif
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
4fa58cae474e7b4702444e3c4bdcecb19570846aec0e5202e317fdc82c83680a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
30770
flogo.png
thefunmedia.com/upload/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/upload/flogo.png
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
a050afa6291d7a3dd3d9b483b47e1ae3857e8c67c80ac119b7a4aa24f68c51b3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 09 Sep 2021 15:51:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
5011
404.png
thefunmedia.com/assets/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefunmedia.com/assets/images/404.png
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
0cf176abb74364a927bcab6486aba0d62f21cb28e7649fcb13a6cf119d23e645

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Thu, 29 Aug 2019 23:09:40 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
23086
manifest.js
thefunmedia.com/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/js/manifest.js?v=4.8.0
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
59f5cb27c61b80062af58188ffcb92b9bd3d86daa0d1900f34eb739e2feb8268

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Fri, 11 Feb 2022 22:33:32 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1278
vendor.js
thefunmedia.com/assets/js/ 		125 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/js/vendor.js?v=4.8.0
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
bc40f4e56d8f549182ba0bf0a5201b16904f84a5a63c5f749171deebd44033a0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Fri, 11 Feb 2022 22:33:32 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
128131
app.min.js
thefunmedia.com/assets/js/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/js/app.min.js?v=4.8.0
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
c9494d1887512082abaf479504cbc8be78592a3e820075afe2acfd58d4dba3d4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Fri, 11 Feb 2022 22:33:32 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
31571
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
47zAuyCzaCse5sdWBj4EcFKv1V5QS4ZlNCR51Mq5+ZxVPIj7kzAX+d1RzKbefB/1LbEdaaEawNkxb1Ev2B2UjQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 16 Feb 2022 10:06:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bundle.js
static.getbutton.io/widget/
Redirect Chain
  • https://static.getbutton.io/widget-send-button/js/init.js
  • https://static.getbutton.io/widget/bundle.js
266 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getbutton.io/widget/bundle.js
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
HTTP/1.1
Server
78.46.57.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.120.57.46.78.clients.your-server.de
Software
nginx/1.6.2 /
Resource Hash
ce62c40dd07ad8d31490b1e1d55c60055c5a51dc27abc05c4f1c278e3ac9991e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Feb 2022 16:00:12 GMT
Server
nginx/1.6.2
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
keep-alive
Expires
Wed, 16 Feb 2022 13:06:44 GMT

Redirect headers

Location
https://static.getbutton.io/widget/bundle.js
Date
Wed, 16 Feb 2022 10:06:44 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
160
Content-Type
text/html
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefunmedia.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:30:55 GMT
x-content-type-options
nosniff
age
570949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:30:55 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v125/ 		121 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v125/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefunmedia.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:39:56 GMT
x-content-type-options
nosniff
age
44808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123876
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 21:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Feb 2023 21:39:56 GMT
TMSans-Bold.woff
thefunmedia.com/assets/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/fonts/TMSans-Bold.woff?0f3c3d64168f36f570978cd4155d4dab
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/assets/css/application.css?v=4.8.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
7cfc5ae07f7f70ac49f92793eda54d7e3e19c0598c63649da77ecd01674efb91

Request headers

Referer
https://thefunmedia.com/assets/css/application.css?v=4.8.0
Origin
https://thefunmedia.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Fri, 21 Aug 2020 20:15:32 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
38572
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thefunmedia.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:31:18 GMT
x-content-type-options
nosniff
age
570926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:31:18 GMT
TMSans-Regular.woff
thefunmedia.com/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thefunmedia.com/assets/fonts/TMSans-Regular.woff?ac0ba247f27b68ca1063e7af9d90dbbd
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/assets/css/application.css?v=4.8.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.152.183 , France, ASN16276 (OVH, FR),
Reverse DNS
server72.hndservers.net
Software
Apache /
Resource Hash
d86d1c0e48f6682d54d0f36083235e9f766abce6d4ba8045154d40a2feff9136

Request headers

Referer
https://thefunmedia.com/assets/css/application.css?v=4.8.0
Origin
https://thefunmedia.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 10:06:44 GMT
Last-Modified
Fri, 21 Aug 2020 20:15:32 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
38000
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1118b4d7407a97d0202682187b940039f1afc156500960493381924e34d52d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
JeHcTulYWe736LmsTR6h0g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
28JVDnj5WDt91g3wGFywwUK+411FyvDN878aIrd8k/5ZhM5VeOQQnn5q3VdP0wLybIgubK6Xa0phY7+qMafnZQ==
x-fb-trip-id
686109401
x-fb-content-md5
6e45f7fd218d7044f28753751a521d5f
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Feb 2022 10:06:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3b3f0af3510447ac10b63c441b7d9fe7"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Feb 2022 10:18:56 GMT
171714987218565
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/171714987218565?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
edbd5afbd9314806f802b4db72c917e2a221765184f90f0a053410939fbf9e59
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
11m90W6nlHSIMruJw4eVi34TZ4i7jtFPNivpLNcpMPJslWxyBxNK7PVtDU/7njdjZ84WkLydZgoigqO6VcjquQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Feb 2022 10:06:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0315ebd8cf125256b5a9701f0d96652c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a3c1232c9009dd7e357834265f042c5220b0aeaf10fdad85d9c861e328d01157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thefunmedia.com/
Origin
https://thefunmedia.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sTpEd40jmJ7IEgr61LoiKA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83623
x-fb-rlafr
0
x-fb-debug
/dSAoCHpUOl4XGJPkpHzrQb9D5WguZZNmXKFSKP3PHzpISV54RH+Keb7AIXOjeF6Un0rQo7BSzxrJ2BYvK9Emg==
x-fb-content-md5
2595cb40cbbe33fcddb24c78b47cace5
x-frame-options
DENY
date
Wed, 16 Feb 2022 10:06:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5e4a20b311ae8d33898e8251d526aa05"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Feb 2023 09:09:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-142542491-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1910
date
Wed, 16 Feb 2022 09:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 11:34:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/ 		291 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57cde178e409ad638968837fe4026937594a0b5aef519df3cab73c42b2ec1a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106831
x-xss-protection
0
server
cafe
etag
13246082661852921068
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 10:06:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/ Frame 8053 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220214/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 15 Feb 2022 22:41:46 GMT
expires
Tue, 01 Mar 2022 22:41:46 GMT
cache-control
public, max-age=1209600
age
41098
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1065944474&t=pageview&_s=1&dl=https%3A%2F%2Fthefunmedia.com%2Fnews%2Fhow-often-should-you-change-a-bamboo-pillow&ul=en-us&de=UTF-8&dt=The%20Fun%20Media%20%7C%20Fun%20Begins%20Here&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1439643325&gjid=575890064&cid=1184431710.1645006004&tid=UA-142542491-3&_gid=874047578.1645006004&_r=1&gtm=2ou290&z=1482241092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=171714987218565&ev=PageView&dl=https%3A%2F%2Fthefunmedia.com%2Fnews%2Fhow-often-should-you-change-a-bamboo-pillow&rl=&if=false&ts=1645006004316&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645006004314.277441177&it=1645006004135&coo=false&exp=p1&rqm=GET
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 16 Feb 2022 10:06:44 GMT
ca-pub-7835043597913396
fundingchoicesmessages.google.com/i/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7835043597913396?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f048f3630fad1ea9a7a3847c6fb3392405718ee3e706f43c73c0d639dd206bd3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ypZFZxyQhExGDqRzYzAqMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-ypZFZxyQhExGDqRzYzAqMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ypZFZxyQhExGDqRzYzAqMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-ypZFZxyQhExGDqRzYzAqMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142542491-3&cid=1184431710.1645006004&jid=1439643325&gjid=575890064&_gid=874047578.1645006004&_u=YEBAAUAAAAAAAC~&z=1949315334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Feb 2022 10:06:44 GMT
content-type
text/plain
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUPEkXuMZv4SIeNSsu3MF5F_TWMDaTjPQy3ObuPkvx6wWiWaPDK9JZ8LmO1HxGb_ddWpdG3TXr_7ngvfxg7Wqo=
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUPEkXuMZv4SIeNSsu3MF5F_TWMDaTjPQy3ObuPkvx6wWiWaPDK9JZ8LmO1HxGb_ddWpdG3TXr_7ngvfxg7Wqo=?pvid=F165620C-58B8-4FE3-923D-9B425DC69E87&anonid=587166CF-B614-4C5A-9671-1D71A5840D46
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.5xTTakrgoRQ.es5.O/d=1/rs=AJlcJMw3zTXQRA8kA0Dg-_WTtbSAqHqBbQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bkbulhH129D1oQN36jjjdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bkbulhH129D1oQN36jjjdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-bkbulhH129D1oQN36jjjdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bkbulhH129D1oQN36jjjdQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVIDr7bvDeN3A5AufZPuVIBm__XViWZRIDwHnYGmb3gcXOZZAOfPXceaF14dfyX0ZxNqZN4UIdJhsR7ArH186o=
fundingchoicesmessages.google.com/f/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVIDr7bvDeN3A5AufZPuVIBm__XViWZRIDwHnYGmb3gcXOZZAOfPXceaF14dfyX0ZxNqZN4UIdJhsR7ArH186o=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1MDA2MDA0LDU4MTAwMDAwMF0sIkYxNjU2MjBDLTU4QjgtNEZFMy05MjNELTlCNDI1REM2OUU4NyIsIjU4NzE2NkNGLUI2MTQtNEM1QS05NjcxLTFENzFBNTg0MEQ0NiIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vdGhlZnVubWVkaWEuY29tL25ld3MvaG93LW9mdGVuLXNob3VsZC15b3UtY2hhbmdlLWEtYmFtYm9vLXBpbGxvdyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.5xTTakrgoRQ.es5.O/d=1/rs=AJlcJMw3zTXQRA8kA0Dg-_WTtbSAqHqBbQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1de5549c0aa6da83adacdd31e22615af2521ede38dda3ef0fd7e73f1f0ab7690
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-17BID+737AK2r2dpwrMGJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-17BID+737AK2r2dpwrMGJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-17BID+737AK2r2dpwrMGJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-17BID+737AK2r2dpwrMGJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		219 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=thefunmedia.com&callback=_gfp_s_&client=ca-pub-7835043597913396
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
6ad4fb16bbeb7a2a70ad9f2b5bc0992522a7a966ab673a091a9807b785bf657c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=thefunmedia.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thefunmedia.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fthefunmedia.com%2Fnews%2Fhow-often-should-you-change-a-bamboo-pillow&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: thefunmedia.com
URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F91C 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7835043597913396&output=html&adk=1812271804&adf=3025194257&lmt=1645006004&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthefunmedia.com%2Fnews%2Fhow-often-should-you-change-a-bamboo-pillow&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645006004230&bpp=2&bdt=327&idt=149&shv=r20220214&mjsv=m202202090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=229027494419&frm=20&pv=2&ga_vid=1184431710.1645006004&ga_sid=1645006005&ga_hid=1065944474&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064037%2C31064734%2C44756432&oid=2&pvsid=3115123836891435&pem=797&tmod=837524680&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=364
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6afdde317d844c24626528731b08055b7c43d30ce7fe35721a516fbc20c0d102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Feb 2022 10:06:44 GMT
server
cafe
content-length
5098
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 10:06:44 GMT
cache-control
private
AGSKWxVcwyo-_MAg_OrK1WQp93F_d0U0CNhzr0OBgCToPIeqBeGZARPP3q-MMveLEzaJHHndcAr6P9D0HpjJ85S2iUCSYD-p8CI8UCuMR0wZ1yVziRRuMpH2tO4TZbwFor4aRDgJ2rBNWWD4BTlnY99z4JDt3zi5uQtsvmFElkNTvx0O4e6JP4GQPK89F2rF
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVcwyo-_MAg_OrK1WQp93F_d0U0CNhzr0OBgCToPIeqBeGZARPP3q-MMveLEzaJHHndcAr6P9D0HpjJ85S2iUCSYD-p8CI8UCuMR0wZ1yVziRRuMpH2tO4TZbwFor4aRDgJ2rBNWWD4BTlnY99z4JDt3zi5uQtsvmFElkNTvx0O4e6JP4GQPK89F2rF
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.fr.mBbzr7QjN7k.es5.O/d=1/rs=AJlcJMwrY4gxXjqrK9pMJi2wnwbt8pCiAg/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JBBvoUaCTRIQLSXbVaJrBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JBBvoUaCTRIQLSXbVaJrBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-JBBvoUaCTRIQLSXbVaJrBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JBBvoUaCTRIQLSXbVaJrBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUkbBBTBD_Rt8oTSm-SPnmwdo52cixxUkv4sPfPolcJYGyolmTvCwzvLq1bHbsYUQ6_445E_ozaroV_e8iMSgGFeNsd9lvCAUvKuoiVMG3NjrbhXsbFl9FZnNdHqdymoGiIvMM4_R-9dg8HJJ8bI8TRbqvpn8gVc3Yc7HhEekVZPcFhZhgoPQVWxIqU
fundingchoicesmessages.google.com/f/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUkbBBTBD_Rt8oTSm-SPnmwdo52cixxUkv4sPfPolcJYGyolmTvCwzvLq1bHbsYUQ6_445E_ozaroV_e8iMSgGFeNsd9lvCAUvKuoiVMG3NjrbhXsbFl9FZnNdHqdymoGiIvMM4_R-9dg8HJJ8bI8TRbqvpn8gVc3Yc7HhEekVZPcFhZhgoPQVWxIqU?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1MDA2MDA0LDY5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL3RoZWZ1bm1lZGlhLmNvbS9uZXdzL2hvdy1vZnRlbi1zaG91bGQteW91LWNoYW5nZS1hLWJhbWJvby1waWxsb3ciLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.fr.mBbzr7QjN7k.es5.O/d=1/rs=AJlcJMwrY4gxXjqrK9pMJi2wnwbt8pCiAg/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0150dc62624c9077343efeb015424a54a50c231bab0b6c57a0decc69d6f09306
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ksIqFxMRjcHLkoPlK1JwHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ksIqFxMRjcHLkoPlK1JwHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-ksIqFxMRjcHLkoPlK1JwHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ksIqFxMRjcHLkoPlK1JwHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220214&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec89bf40bfbcb6bed3221e125f67032e67986664dbef0aca998acde7fa02a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9919
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=171714987218565&ev=Microdata&dl=https%3A%2F%2Fthefunmedia.com%2Fnews%2Fhow-often-should-you-change-a-bamboo-pillow&rl=&if=false&ts=1645006004826&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Fun%20Media%20%7C%20Fun%20Begins%20Here%22%2C%22meta%3Adescription%22%3A%22It%20is%20all%20about%20the%20Fun%2C%20World%20news%20and%20business%20tips%20with%20practical%20Approach%20using%20the%20Open%20Source%20Mindset%20Blogging!%20%20Signup%20Now!%20and%20start%20the%20fun%20with%20thefunmedia.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22TheFunMedia%22%2C%22og%3Atitle%22%3A%22The%20Fun%20Media%20%7C%20Fun%20Begins%20Here%22%2C%22og%3Adescription%22%3A%22It%20is%20all%20about%20the%20Fun%2C%20World%20news%20and%20business%20tips%20with%20practical%20Approach%20using%20the%20Open%20Source%20Mindset%20Blogging!%20%20Signup%20Now!%20and%20start%20the%20fun%20with%20thefunmedia.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fthefunmedia.com%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fthefunmedia.com%2Fupload%2Flogo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645006004314.277441177&it=1645006004135&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 16 Feb 2022 10:06:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7835043597913396&plah=thefunmedia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 10:06:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 06D7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 10:00:35 GMT
expires
Thu, 16 Feb 2023 10:00:35 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
370
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4525 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2ae67870c746c5db7c8ec154fab5a08585545e5f5341ec4c4f15e2405f21f93f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d3oMyasRMfEJVMSFauMa/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Feb 2022 10:06:45 GMT
date
Wed, 16 Feb 2022 10:06:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-d3oMyasRMfEJVMSFauMa/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
pagead2.googlesyndication.com/bg/ Frame 06D7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 08:45:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
4894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 08:45:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4525 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220214&jk=3115123836891435&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 06D7 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?97aWWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 10:06:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220214&jk=3115123836891435&bg=!z8ylzIjNAAbAtJCDwLQ7ACkAdvg8WlxSm6eId6zrztTAvwEG1cq3VER_lCAe-E0T8R7cBfj5QzTYjAIAAABYUgAAAANoAQcKAHch0CK9O8GCY6OJTQsjEW41ajL-wBlUUJIHfB9gu648CnGTPWQTzSViK3Hrt14k6aIcA_svRKGBBsrHse77g59kjoSS0zJ5AmRx75zIWse6qg6i0tymRuJ_Ay-MzOeFZwDKh0SODpIFi-kC-Y9lNd01lKP65h5S5JkCuyii6HMuZBATCMPcpvZ5E1C8GvsTQfTTXGi6I2gDwg-fJc-0Zl8wL-p_05ffUFj3xGyjl2oAUaEY6XJbZSWFiHjN8QIClfqKtixo8eBLwefx-_9EvpuBxO6CY8AvdkTYfFKvQAw6gr5EEiWDz5goKV755qFI4djRyeNi43S6-M0xdND-CQlGlxEuMrEVrs54UbKrSSI4tjkDIL_d5cnOvLxoh4R6L6LAMAqus9uaZGIUJYhtgWnivAngJlVTZLSmULZGj26ZnXVqfyOgWWgGb18WZkbps217kTAj2PF1YUFo2vNQQE6DoSY98j32yUB5pdTvSUHCkvq4rvB2ebO4U8lgYAWVBYXxwZ1nVcRJh3P8mj_9C2t26ppG-ROA_fHeTm3KowYMKjMKsabNeqajSMvEtUzBDLFZOs_fAO_8Eh5Sv01M0KE4u_V9PTls-Y4EATLWuRrL6IJZWHLKo25zWNjyvo7QOdU3-OiYSqEUzzcdo9zQx2DqMNWx_YCVf1WYnH77q9DO2NMHdKvgxSIiV3PWCWnZjmg3DmJYoo6HMRtgVjiVWBpT69QD6uQE2UGZ4r-vpnd-pvfB3OWvFaCOGQ6MRPtxTvEKJxstndyYwJi6T30Ks_odaY5hmtuJJuH41bZoD5OVzwGwuOR4NiqAH6WrGb5sJZPxYwbBfSqOZmzEbzjr4d0XjZfOvjVNpVkwBLMJsnAKliUVvK0nzZX_x-QztXxgXBHvahES3eP_IJ7A3v16YDQaYVKpAqlFoV0HR10Zlgt_PcdJDO4kpY3G4Snq6XwzDWfpAXpfRjH5HfNIX5HCkI2wRJGt3SbmVMjrZEe42uQORQNcvAhGLMnzq6lG97ZAAYx-FmXPKLKn0zYoi946aDgZ5NVuPx2RXo3E0A4HsGRKDBdARz2FxhqrqAXqT6jwedC6mcVQyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
fundingchoicesmessages.google.com/f/AGSKWxVIHVqF33olwWNean-vsC0CQmubpWgL6oh9KHGLiMHz6T_8oUNbqqEjL9kJBp2h_T4fnoU9D-sh0v-bxEvGcCg3C5QC8CzNikT5Xiz5oMQoS-iVJm9KMJzijOI3dkwWrENo4SA-WXgXPTHOvYoZsyFYug45C... 		54 B
106 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVIHVqF33olwWNean-vsC0CQmubpWgL6oh9KHGLiMHz6T_8oUNbqqEjL9kJBp2h_T4fnoU9D-sh0v-bxEvGcCg3C5QC8CzNikT5Xiz5oMQoS-iVJm9KMJzijOI3dkwWrENo4SA-WXgXPTHOvYoZsyFYug45CQS-kCuycBFFoLbiHi6e8-whj-tQJnMiQzdUapJMu8le28jWGOomwMvBjQN6ozi5hY4DzrMrtMwDPqg36fg=/_/ads_controller./globaladprostyles..adsremote.-ad-ero-_yahooads/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1555c6a04a95b0c1991c7b5056fd2970b2ae9ef642f9502e0798092e34b9e49d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aUP5IXOdLcFn0sP0fBfhKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aUP5IXOdLcFn0sP0fBfhKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-aUP5IXOdLcFn0sP0fBfhKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aUP5IXOdLcFn0sP0fBfhKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95c667a3d6d8028ecdf5929f5038353f8c128dab4957618150a2852c7618b882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 09:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8386
x-xss-protection
0
server
cafe
etag
3640032393696250145
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 10:29:24 GMT
AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SPUh0lxyfKqkodPiRnhPlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SPUh0lxyfKqkodPiRnhPlA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:46 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-SPUh0lxyfKqkodPiRnhPlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SPUh0lxyfKqkodPiRnhPlA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fX1A0ecc2JegUKc5awUijQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fX1A0ecc2JegUKc5awUijQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:46 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fX1A0ecc2JegUKc5awUijQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fX1A0ecc2JegUKc5awUijQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d2E270fb4sUqskxh6s/ZqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-d2E270fb4sUqskxh6s/ZqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:46 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-d2E270fb4sUqskxh6s/ZqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-d2E270fb4sUqskxh6s/ZqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX5PERukE9jmWZeB4Dr9U4rs4ScO3wQSiPxdMe6BwWX6sMmHTaGRqj1VlqthAmqpu46cyvrs0QSCDanfWAkgpOfu-InOsuilh6NtvbCHp9O3TsH_YwlblebDWYANadCUL8IJzNo7qSzxlKKxUjz5f-rRc7CNeYkQZTHSWDctzI3sNUI7oRYXWkOuhqe
fundingchoicesmessages.google.com/f/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX5PERukE9jmWZeB4Dr9U4rs4ScO3wQSiPxdMe6BwWX6sMmHTaGRqj1VlqthAmqpu46cyvrs0QSCDanfWAkgpOfu-InOsuilh6NtvbCHp9O3TsH_YwlblebDWYANadCUL8IJzNo7qSzxlKKxUjz5f-rRc7CNeYkQZTHSWDctzI3sNUI7oRYXWkOuhqe?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ1MDA2MDA2LDQyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vdGhlZnVubWVkaWEuY29tL25ld3MvaG93LW9mdGVuLXNob3VsZC15b3UtY2hhbmdlLWEtYmFtYm9vLXBpbGxvdyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7a53f4861666856abb35db2470660153a58e3773fa5d4cd12cf7c4236053d5e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-TWHUSNfkB1XTfHuw8HGbOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TWHUSNfkB1XTfHuw8HGbOA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://thefunmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-TWHUSNfkB1XTfHuw8HGbOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TWHUSNfkB1XTfHuw8HGbOA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0tFl-1_2AZYeTjRVHasRoAFjiWNyEtVKZqh89JjtALpQXHXY1jk5f4waAm5qvJwzoChxNMruwR610pjXBMZBjXZA9yQoiT8K7kX79Gwflv2UsI3_I_X1SdYh0FcoBWfL-feW7EepHU-56pklkgtkbF212EiHYnQo5Zw5ykO-1z7IsmPpcWbcos21J
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.fr.6HYYb6J-T3U.es5.O/d=1/rs=AJlcJMx6Rs6PvvKq_Kxq9Kzx-2UGp5WTBw/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1txq238MWi24u0o7C78F2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1txq238MWi24u0o7C78F2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:46 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1txq238MWi24u0o7C78F2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1txq238MWi24u0o7C78F2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXTJlwjiyYk8TfUyKsddIrw5tWs0hQlLqdX6RSUgGBshfHoDz93vWyCd5-wrU_bRc-AfjZKu6OqEOk2nbYgG0CuKryma3CZudU6gkZtzRPeydR5j6-DBhOwzirsbnUskcOgBanP9kLw4aoj9qGY_o6j7ncwC-9ZUZbqm9PBwNbEFKHKVcIg6QtNum85
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXTJlwjiyYk8TfUyKsddIrw5tWs0hQlLqdX6RSUgGBshfHoDz93vWyCd5-wrU_bRc-AfjZKu6OqEOk2nbYgG0CuKryma3CZudU6gkZtzRPeydR5j6-DBhOwzirsbnUskcOgBanP9kLw4aoj9qGY_o6j7ncwC-9ZUZbqm9PBwNbEFKHKVcIg6QtNum85
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.fr.ev5fXiUuhI8.es5.O/d=1/rs=AJlcJMwAA4_Sva18qggcOCOnhi4h0hl9zg/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-McnHCd7FG6bwtvmFTamhAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-McnHCd7FG6bwtvmFTamhAg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thefunmedia.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 10:06:46 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thefunmedia.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-McnHCd7FG6bwtvmFTamhAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-McnHCd7FG6bwtvmFTamhAg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone function| gtag object| dataLayer function| fbq function| _fbq string| buzzy_base_url object| webpackChunkbuzzy function| swal function| sweetAlert function| jQuery function| $ object| NProgress object| Buzzy function| fbAsyncInit object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| o object| n object| r object| WhWidgetSendButton object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| M2E1NGM0MTc2ZTcwZDY5NmxvYWRlcl9qcw== string| M2E1NGM0MTc2ZTcwZDY5NmNhY2hlZF9qcw== string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| GoogleGcLKhOms function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 146f300c-b059-4d9f-b6cb-3c6b79e522e2 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__

10 Cookies

Domain/Path Name / Value
thefunmedia.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkJoTVArSEpqQjdBT0xjTVQyZnZIdWc9PSIsInZhbHVlIjoiWlp0NWlTZzltMmhVcnZ6QzlaVjUwZU83MXg0WXdFT3c1bzR4cFZ0bE9wK2xZUDVjOWV2SUNpRnF4MG9wc2FhYVhSY3Z2VXkvbU5MMjhacGpteG4vTlUvZjJJL21mYVZhMnhDVFhVRHJaTVErTG1QTjYwaGt5azJuL3p5UWJRbUwiLCJtYWMiOiJjZTA2MzJhYzhjMjJkMDczOTI2N2RmNWExMGVkODUxNDgxMjM5ZjIzYzI2N2Q5ZDAwNjA3ZTY4Y2Y1ZTg3MTc0IiwidGFnIjoiIn0%3D
thefunmedia.com/ Name: laravel_session
Value: eyJpdiI6InoxSU9HOEdFOXVKUTgva2gzeHJqVEE9PSIsInZhbHVlIjoid25iL3JHMGhvTTkreWQ3T1BPSVQ0MVdSUERwM21nRm9ZTW9MSGczbVpLT0svZWMvdnRzVG5ibGx6bG5HVnltVUlKeXZOOXRWc0N5N2R4V3FlSHNFRm56UXhYM1NDS0c0V015SnQvZTFOMlZKall6TjhXRmZ2bkZMTG84QkFUVEwiLCJtYWMiOiJmMDhiN2Q1MjI4NTQ1YWIyNzk3Yjg4NGY1MWFhOTNhNzM0MzViOGY4MjdmZTMxMTMxNGE1ZjNiYmQzNmQ0ZjE1IiwidGFnIjoiIn0%3D
.thefunmedia.com/ Name: _ga
Value: GA1.2.1184431710.1645006004
.thefunmedia.com/ Name: _gid
Value: GA1.2.874047578.1645006004
.thefunmedia.com/ Name: _gat_gtag_UA_142542491_3
Value: 1
.thefunmedia.com/ Name: _fbp
Value: fb.1.1645006004314.277441177
.facebook.com/ Name: fr
Value: 0sqIKYusVlidPiem5..BiDMy0...1.0.BiDMy0.
.thefunmedia.com/ Name: __gads
Value: ID=022ab19319214cd9-22fab8da41cd004d:T=1645006004:RT=1645006004:S=ALNI_Ma9h-3GRlr2Ah_sb-1MInq0_8hMvg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.thefunmedia.com/ Name: FCNEC
Value: [["AKsRol8EIaxn7FY_Hay5TQXjICRar-JDIA91I5oBaX1b_qtlQszRYRqdxmUTF6WFlqKau_muPGNtR8igbBFSmoGBKa3uJtp-7r9eznXUX3CeIFOkikuyVBCh2zs9UMAC_18tlk8tjP_9GYjQBoZ_bMVnBx_Z_suE_w=="],null,[]]

1 Console Messages

Source Level URL
Text
network error URL: https://thefunmedia.com/news/how-often-should-you-change-a-bamboo-pillow
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.getbutton.io
stats.g.doubleclick.net
thefunmedia.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
142.250.74.194
2a00:1450:4001:800::2002
2a00:1450:4001:809::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c0d::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.187.152.183
78.46.57.120
0114997c33d9d4cb276d7b6ca16556f256d6d43646eb23b7c812f1c07f0a66a7
0150dc62624c9077343efeb015424a54a50c231bab0b6c57a0decc69d6f09306
08961ba3cdaff8805f310eda71633a77f95c7f7a64d42b8943f08d30df6e098e
0cf176abb74364a927bcab6486aba0d62f21cb28e7649fcb13a6cf119d23e645
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1118b4d7407a97d0202682187b940039f1afc156500960493381924e34d52d8b
1555c6a04a95b0c1991c7b5056fd2970b2ae9ef642f9502e0798092e34b9e49d
1de5549c0aa6da83adacdd31e22615af2521ede38dda3ef0fd7e73f1f0ab7690
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2ae67870c746c5db7c8ec154fab5a08585545e5f5341ec4c4f15e2405f21f93f
2d9658f0beb42c51c23209cb6b9ccf42b340a92cf1aae6d8931bb064549dfbb9
2e621cc8d62e48e0149ef50fffd655cfc53e57b8abc8f9d5035c7a4b50921d18
3c2cf55dae85811f736d87c002859a73529ceb34e8cf16c43be205788c77c98d
485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75
4fa58cae474e7b4702444e3c4bdcecb19570846aec0e5202e317fdc82c83680a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cde178e409ad638968837fe4026937594a0b5aef519df3cab73c42b2ec1a27
59f5cb27c61b80062af58188ffcb92b9bd3d86daa0d1900f34eb739e2feb8268
600435698b750ef494bf5fbc059fe4bd17153bbe0b51f35254a5674bb71e124f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2
6ad4fb16bbeb7a2a70ad9f2b5bc0992522a7a966ab673a091a9807b785bf657c
6afdde317d844c24626528731b08055b7c43d30ce7fe35721a516fbc20c0d102
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7cfc5ae07f7f70ac49f92793eda54d7e3e19c0598c63649da77ecd01674efb91
8438710548485dc0c5709824849914e19e34162515a63fa610eac65898e7509b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95c667a3d6d8028ecdf5929f5038353f8c128dab4957618150a2852c7618b882
a050afa6291d7a3dd3d9b483b47e1ae3857e8c67c80ac119b7a4aa24f68c51b3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c1232c9009dd7e357834265f042c5220b0aeaf10fdad85d9c861e328d01157
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a7a53f4861666856abb35db2470660153a58e3773fa5d4cd12cf7c4236053d5e
abcad11d69fee631ef76cb7f7b689b6bbf3d544f73acdd2f800ad9cad81a96d5
b994fd6634419ed1a1bc03336aa89eccbabb0c54522fdb63eb6b45c601eafecd
bc40f4e56d8f549182ba0bf0a5201b16904f84a5a63c5f749171deebd44033a0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c9494d1887512082abaf479504cbc8be78592a3e820075afe2acfd58d4dba3d4
ce62c40dd07ad8d31490b1e1d55c60055c5a51dc27abc05c4f1c278e3ac9991e
d86d1c0e48f6682d54d0f36083235e9f766abce6d4ba8045154d40a2feff9136
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea47affe3da615938595eecc86beed099acf4a24f02560263648b79a48af380
e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72e42403f1f06779f09726c07dd821f30aed47f547718f4a4f6ef02440513da
ec89bf40bfbcb6bed3221e125f67032e67986664dbef0aca998acde7fa02a20a
edbd5afbd9314806f802b4db72c917e2a221765184f90f0a053410939fbf9e59
f048f3630fad1ea9a7a3847c6fb3392405718ee3e706f43c73c0d639dd206bd3
f3fd4970be1cd380365f16c883835e0e309bb1c913350301739a7328101052dd
f9ae1675c51eea5813272207d499e4689149e14c7004ae8626b37c53ac83bb4d