URL: http://paipal.fr/
Submission Tags: @phishunt_io
Submission: On September 02 via api from DE — Scanned from FR

Summary

This website contacted 33 IPs in 7 countries across 31 domains to perform 55 HTTP transactions. The main IP is 128.65.195.180, located in Switzerland and belongs to INFOMANIAK-AS, CH. The main domain is paipal.fr.
This is the only time paipal.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 112); tpc.googlesyndication.com (Cisco Umbrella Rank: 145) | 210 KB |
| 5 | foodbusinessnews.net | www.foodbusinessnews.net (Cisco Umbrella Rank: 168797) | 231 KB |
| 3 | rss.app | widget.rss.app (Cisco Umbrella Rank: 128314); rss.app (Cisco Umbrella Rank: 77102) | 79 KB |
| 3 | weatherwidget.org | srv1.weatherwidget.org | 258 KB |
| 2 | prnewswire.com | mma.prnewswire.com (Cisco Umbrella Rank: 38373) | 57 KB |
| 2 | illinoisstate.edu | news.illinoisstate.edu (Cisco Umbrella Rank: 467258) | |
| 2 | townnews.com | bloximages.newyork1.vip.townnews.com (Cisco Umbrella Rank: 13845); bloximages.chicago2.vip.townnews.com (Cisco Umbrella Rank: 17336) | 27 KB |
| 2 | libn.com | libn.com (Cisco Umbrella Rank: 445069) | 433 KB |
| 2 | financialexpress.com | www.financialexpress.com (Cisco Umbrella Rank: 141158) | |
| 2 | google.com | adservice.google.com (Cisco Umbrella Rank: 78); www.google.com (Cisco Umbrella Rank: 2) | 2 KB |
| 2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 44) | 5 KB |
| 2 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3463) | 359 B |
| 2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43); storage.googleapis.com (Cisco Umbrella Rank: 376) | 36 KB |
| 1 | gannett-cdn.com | www.gannett-cdn.com (Cisco Umbrella Rank: 7253) | 264 KB |
| 1 | s-nbcnews.com | media-cldnry.s-nbcnews.com (Cisco Umbrella Rank: 12366) | 43 KB |
| 1 | worldcoffeeportal.com | www.worldcoffeeportal.com | 37 KB |
| 1 | thecoastnews.com | thecoastnews.com (Cisco Umbrella Rank: 810794) | 103 KB |
| 1 | amazonaws.com | fj-corp-pub.s3.us-east-2.amazonaws.com (Cisco Umbrella Rank: 217758) | 562 KB |
| 1 | upstatebusinessjournal.com | upstatebusinessjournal.com | 73 KB |
| 1 | syracuse.com | www.syracuse.com (Cisco Umbrella Rank: 93045) | 199 KB |
| 1 | vtdigger.org | vtdigger.org (Cisco Umbrella Rank: 359917) | 101 KB |
| 1 | cloudfront.net | d1e00ek4ebabms.cloudfront.net | 3 MB |
| 1 | abcnews.com | s.abcnews.com (Cisco Umbrella Rank: 18848) | 75 KB |
| 1 | google.fr | adservice.google.fr (Cisco Umbrella Rank: 32113) | 792 B |
| 1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 872) | 642 B |
| 1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2748) | 231 B |
| 1 | gstatic.com | fonts.gstatic.com | 22 KB |
| 1 | infomaniak.website | assets.storage.infomaniak.website | 308 KB |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 66) | 73 KB |
| 1 | infomaniak.com | assets.storage.infomaniak.com | 24 KB |
| 1 | paipal.fr | paipal.fr | 2 KB |
| 55 | 31 | | |
Domain Requested by
6 pagead2.googlesyndication.com paipal.fr
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.foodbusinessnews.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 srv1.weatherwidget.org paipal.fr
srv1.weatherwidget.org
2 mma.prnewswire.com
2 news.illinoisstate.edu
2 libn.com 1 redirects
2 www.financialexpress.com
2 rss.app widget.rss.app
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 bloximages.chicago2.vip.townnews.com
1 www.gannett-cdn.com
1 media-cldnry.s-nbcnews.com
1 www.worldcoffeeportal.com
1 thecoastnews.com
1 fj-corp-pub.s3.us-east-2.amazonaws.com
1 upstatebusinessjournal.com
1 www.syracuse.com
1 vtdigger.org
1 storage.googleapis.com
1 bloximages.newyork1.vip.townnews.com
1 d1e00ek4ebabms.cloudfront.net
1 s.abcnews.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 api.ipify.org srv1.weatherwidget.org
1 fonts.gstatic.com fonts.googleapis.com
1 assets.storage.infomaniak.website paipal.fr
1 widget.rss.app paipal.fr
1 www.googletagmanager.com paipal.fr
1 fonts.googleapis.com paipal.fr
1 assets.storage.infomaniak.com paipal.fr
1 paipal.fr
55 36

This site contains links to these domains.

Domain
weatherwidget.org
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.storage.infomaniak.com | Sectigo RSA Domain Validation Secure Server CA | 2021-09-19 - 2022-10-02 | a year |
| upload.video.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-23 - 2023-04-23 | a year |
| storage.infomaniak.website | R3 | 2022-08-17 - 2022-11-15 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
| *.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2022-02-07 - 2023-03-10 | a year |
| *.googleadservices.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
| *.google.fr | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
| *.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
| s.abcnews.com | Amazon | 2021-12-28 - 2023-01-25 | a year |
| indianexpress.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-18 - 2023-07-21 | a year |
| *.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year |
| bloximages.chicago2.vip.townnews.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-11 - 2023-04-11 | a year |
| storage.googleapis.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
| advancelocal.web.arc-cdn.net | R3 | 2022-07-26 - 2022-10-24 | 3 months |
| newsevents.illinoisstate.edu | InCommon RSA Server CA | 2022-07-22 - 2023-07-22 | a year |
| upstatebusinessjournal.com | Starfield Secure Certificate Authority - G2 | 2022-01-11 - 2023-01-11 | a year |
| *.s3.us-east-2.amazonaws.com | Amazon | 2021-12-17 - 2022-12-16 | a year |
| www.worldcoffeeportal.com | R3 | 2022-07-09 - 2022-10-07 | 3 months |
| foodbusinessnews.net | Go Daddy Secure Certificate Authority - G2 | 2021-11-30 - 2022-12-27 | a year |
| *.s-nbcnews.com | DigiCert SHA2 Secure Server CA | 2021-12-17 - 2022-12-17 | a year |
| usatoday.com | R3 | 2022-08-07 - 2022-11-05 | 3 months |
| tpc.googlesyndication.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |

This page contains 5 frames:

Primary Page: http://paipal.fr/
Frame ID: E74A29118C34962F71D85F685B2307EE
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: 9185093E0D2784B97EF5E288BF9C63E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6591068858863614&output=html&adk=1812271804&adf=3025194257&lmt=1662110677&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpaipal.fr%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&dt=1662116452323&bpp=3&bdt=365&idt=231&shv=r20220831&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3340535626284&frm=20&pv=2&ga_vid=1922215335.1662116452&ga_sid=1662116453&ga_hid=769191350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44760911%2C31068856%2C31069231%2C21066430%2C31062931&oid=2&pvsid=3263793413342703&tmod=56244885&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: A1A6AFE673DD8CECBE276F405F7D324A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 072153D9DEBD049C5209A674C7DC6038
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C186A0B315F46D17DBBF792D07F488C0
Requests: 2 HTTP requests in this frame

Page Title

Welcome to paipal.fr

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

55 Requests
93 % HTTPS
58 % IPv6
31 Domains
36 Subdomains
33 IPs
7 Countries
6432 kB Transfer
7163 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://libn.com/files/2022/09/Cover-slack.jpg HTTP 301
  • https://libn.com/wp-content/blogs.dir/1/files/2022/09/Cover-slack.jpg

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paipal.fr/
5 KB
2 KB
Document
General
Full URL
http://paipal.fr/
Protocol
HTTP/1.1
Server
128.65.195.180 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
h2park-8d750cc5.infomaniak.ch
Software
Apache/2.4.25 (Debian) /
Resource Hash
2626c2a9db0fa60d72098b51fbbb81c88171b9f474ef6f152045e029a6aae50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1949
Content-Type
text/html
Date
Fri, 02 Sep 2022 11:00:51 GMT
ETag
"1300-5e7ae4c862188-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Fri, 02 Sep 2022 09:24:37 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
font-awesome.min.css
assets.storage.infomaniak.com/fonts/font-awesome/4.3.0/css/
23 KB
24 KB
Stylesheet
General
Full URL
https://assets.storage.infomaniak.com/fonts/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:1600:0:aaaa::2:a , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
Software
nginx /
Resource Hash
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
x-amz-meta-request-id
15CB98E7E8F985AD
last-modified
Tue, 08 Oct 2019 06:37:08 GMT
server
nginx
x-amz-request-id
16FA4E6960A965CA
etag
"6fad6fbfe384d5d7b061d4a04efdf6ac-1"
vary
Origin
content-type
text/css
cache-control
max-age=90000,min-fresh=9000
date
Fri, 02 Sep 2022 11:00:52 GMT
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
23742
x-xss-protection
1; mode=block
x-proxy-cache
HIT
css
fonts.googleapis.com/
1 KB
937 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Signika
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e010c0c066bb96ca6036b1d7bc6bce40ee8f63a00cc02fa6017d477deff141a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 10:11:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 02 Sep 2022 11:00:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Sep 2022 11:00:52 GMT
js
www.googletagmanager.com/gtag/
206 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-657BC5VLFK
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34f9b2d5f6fe33c8ab1fe81136e76f287032d5a8e470c0c1780972166b1e002e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74585
x-xss-protection
0
expires
Fri, 02 Sep 2022 11:00:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6591068858863614
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2749e2cdf0685102c73c73c074889c2dee73c4704e96fabc2ba3823e6a277c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://paipal.fr/
Origin
http://paipal.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51529
x-xss-protection
0
server
cafe
etag
12169811096767141280
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Sep 2022 11:00:52 GMT
/
srv1.weatherwidget.org/js/
2 KB
1 KB
Script
General
Full URL
https://srv1.weatherwidget.org/js/?id=ww_6aa04270d0f28
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a2dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a1b59d3635779ec2411d68725296ae500ca8f433762e79b34d17a06c989016

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6fkna6FpkAMHKyGwemdOgiQNdRcqAc1zSQGmkaTl%2BeLOGpi6xIDwicmmTOnl1yJdPS3poOx7otxi2i4IoYhnLr3SwLBbK3zrs5wXRttviRSP%2FTe0W0Ua3aMXpYkVABf8TOKfVFfvgtDO35V0Dcm7W1G1TWU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7445be925be5d6d2-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wall.js
widget.rss.app/v1/
239 KB
71 KB
Script
General
Full URL
https://widget.rss.app/v1/wall.js
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdc27f300f168e493e10ac3bee41cc6f5d10715bb4847ec83ce927774667adb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4027
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 01 Sep 2022 17:24:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3bd89-182fa151d40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CgXEnvKQrXtE%2B2%2FXM8betFQhwW0XHVEAVP8z%2BKeXEk5aK7LVWi39SKAMJ4YnFWFzBjRUAPBZgyiVeLKT%2BRyo%2F0EETEzlXQaTyhmr78rVkrZVL1sln1x4BX%2BUyzBbwf4rpLkui30nbJwFpi%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
cf-ray
7445be92bc99d29f-CDG
8q2a7xNjY84.jpg
assets.storage.infomaniak.website/images/background/unsplash/
307 KB
308 KB
Image
General
Full URL
https://assets.storage.infomaniak.website/images/background/unsplash/8q2a7xNjY84.jpg
Requested by
Host: paipal.fr
URL: http://paipal.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:1600:0:aaaa::2:a , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
Software
/
Resource Hash
b18ff86feb00662580ab1822f8deeba22f9b4cd003242ee295236c59284d8525
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
x-amz-meta-request-id
15CC9976EAF068D4
last-modified
Fri, 11 Oct 2019 13:02:32 GMT
x-amz-request-id
1711061B699BE56B
etag
"3ccd94e1b52c4f647ead499f5a25fb55-1"
vary
Origin
content-type
image/jpeg
cache-control
max-age=90000,min-fresh=9000
date
Fri, 02 Sep 2022 11:00:52 GMT
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
314766
x-xss-protection
1; mode=block
vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2
fonts.gstatic.com/s/signika/v20/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/signika/v20/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Signika
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbfb58fa3bcf70c701fc37975bab2e3bc4edbe328d183c345a6830d20d4514f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paipal.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 00:10:35 GMT
x-content-type-options
nosniff
age
211817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21748
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 00:10:35 GMT
collect
region1.google-analytics.com/g/
0
342 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-657BC5VLFK&gtm=2oe8v0&_p=769191350&cid=1922215335.1662116452&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662116452&sct=1&seg=0&dl=http%3A%2F%2Fpaipal.fr%2F&dt=Welcome%20to%20paipal.fr&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-657BC5VLFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 11:00:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://paipal.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.ipify.org/
12 B
231 B
XHR
General
Full URL
https://api.ipify.org/
Requested by
Host: srv1.weatherwidget.org
URL: https://srv1.weatherwidget.org/js/?id=ww_6aa04270d0f28
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
b7d664fe742d209b79af0ac768fa0703e874fec74fe2c94ff0e4f0052659158e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:52 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
http://paipal.fr
Connection
keep-alive
Content-Length
12
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/
343 KB
121 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6591068858863614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ece0f1e1122d54fe30e26fc2e49fb5294ed040c341f42c934e5b8fafa87b5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123683
x-xss-protection
0
server
cafe
etag
11896109157514855283
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Sep 2022 11:00:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame 9185
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6591068858863614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://paipal.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
60810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 18:07:22 GMT
etag
8616628553774171045
expires
Thu, 15 Sep 2022 18:07:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HH9Pb6AfLmzNxBuy
rss.app/api/widget/wall/
27 KB
8 KB
Fetch
General
Full URL
https://rss.app/api/widget/wall/HH9Pb6AfLmzNxBuy?
Requested by
Host: widget.rss.app
URL: https://widget.rss.app/v1/wall.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
77ac6ff082f38a30e8b5d1d8c6d47140b17c1714cc2c3c4a19f9b6184d2696f9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Parent
Referer
http://paipal.fr/
accept-language
fr-FR,fr;q=0.9
Authorization
Content-Type
application/json

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
br
etag
W/"6b54-pypuDeYl25h/D71RNl8YHDh5hh4"
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90%2F9TiE5TSZSIcXoFXS1%2Fe7MgoBQqYQSdhikvvUE7HUEwdgwdyq333XrNTViNnmD9M7W1wzSO57XwaPSNNLgGAIC09rIj7uUmzlYqyPfxaBHcL5ZdgcrV5BZx6aIV3Mv1uIsCyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
http://paipal.fr
access-control-allow-credentials
true
cf-ray
7445be94fd58d61d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
HH9Pb6AfLmzNxBuy
rss.app/api/widget/wall/ Frame
0
0
Preflight
General
Full URL
https://rss.app/api/widget/wall/HH9Pb6AfLmzNxBuy?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,parent
Access-Control-Request-Method
GET
Origin
http://paipal.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cookie,Authorization,Parent
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
http://paipal.fr
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7445be940917d209-CDG
content-length
0
date
Fri, 02 Sep 2022 11:00:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Js8%2B3mACAs07D8lCXaQsAuDWDboo2Bt%2BseL8edfH0IckOVsr4zqZpx7853eFqf3JXN2TiBOuP19ye9p6QiTH3joz2%2FtUwGzPDpJ470mkBkOdxBh850aW%2BJXPHIY8lLAX0AJh38%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-powered-by
Express
cookie.js
partner.googleadservices.com/gampad/
213 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=paipal.fr&callback=_gfp_s_&client=ca-pub-6591068858863614
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
52eb8714ec3662d3539f08c9aefe567ffb84ef829f79272261b0a63163ffff10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=paipal.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paipal.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A1A6
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6591068858863614&output=html&adk=1812271804&adf=3025194257&lmt=1662110677&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpaipal.fr%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&dt=1662116452323&bpp=3&bdt=365&idt=231&shv=r20220831&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3340535626284&frm=20&pv=2&ga_vid=1922215335.1662116452&ga_sid=1662116453&ga_hid=769191350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44760911%2C31068856%2C31069231%2C21066430%2C31062931&oid=2&pvsid=3263793413342703&tmod=56244885&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=246
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://paipal.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 11:00:52 GMT
expires
Fri, 02 Sep 2022 11:00:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
srv1.weatherwidget.org/data/
77 KB
11 KB
XHR
General
Full URL
https://srv1.weatherwidget.org/data/
Requested by
Host: srv1.weatherwidget.org
URL: https://srv1.weatherwidget.org/js/?id=ww_6aa04270d0f28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a2dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0309ab64a2f788a8b8591a9800a20bb6df59882363472ac204ecd9fc74f4f186

Request headers

Referer
http://paipal.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W340qFZ0aYeRRyohp2mCBfpCbXktQox4XnulBOd0FqHgIdW85jVpdClx6EAww043%2BB41CrHDTl0vKPi%2BUw2viBS5swOcK2qxt1GQFfXNn7PARo6UGnIG%2FV8SEzVWQ89WbP4wyRqv815G%2F345tsGSJFhBVfnS"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7445be951a89d5ed-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51d6a90b1f4b2d376a47d51241a71aa73f83cf096b2a087a68a684dbbe3a3e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Sep 2022 11:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11018
x-xss-protection
0
cloudy_day.jpg
srv1.weatherwidget.org/skin/img/bg/
245 KB
246 KB
Image
General
Full URL
https://srv1.weatherwidget.org/skin/img/bg/cloudy_day.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a2dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03a02d7bd88be2f73213bce2b4f7f4f63b59b4c14bba3b75607e1347d1546d67

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 02:27:02 GMT
server
cloudflare
age
5185
etag
"3d503-5e66699a90370"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8ENczjB4%2FU71Uxhuf%2BbOsAklmU65EuBa%2FBGG07o6o0P5pCTojUTWdJgTvocczQRXmL3%2BJEWN27awEweazEC4oT1vOFb9D8mCQIZGQhlXMLPTcTNxu7fGoU96OuVXG1TgsmrJGpVvt1R77wFLBUL6SMOmjmH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7445be960ea0d702-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
251139
mississippi-stalls-ap-jef-220901_1662068621906_hpMain_16x9_992.jpg
s.abcnews.com/images/Business/
74 KB
75 KB
Image
General
Full URL
https://s.abcnews.com/images/Business/mississippi-stalls-ap-jef-220901_1662068621906_hpMain_16x9_992.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8ec2eb0ac33e1af3b1eb519ad1785b5ce41e46f16e3236d363fec4cca80529a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 02 Sep 2022 10:12:20 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 21:47:10 GMT
server
AmazonS3
age
2913
etag
"0faa5f51ce2aff787336141292796e15"
vary
Origin
x-cache
Hit from cloudfront
x-amz-version-id
5SLQgZMXSccIzIGPZxMTsb6dkLam9KbC
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-type
image/jpeg
content-length
76258
x-amz-cf-id
jcdNp8mJoKsmcPAiQYhxaQ3utUuB0Kwb5a-faenmOkGVe0kp2Sav4w==
Expresso-Business-FE1200x630.jpg
www.financialexpress.com/wp-content/uploads/2022/04/
0
0
Image
General
Full URL
https://www.financialexpress.com/wp-content/uploads/2022/04/Expresso-Business-FE1200x630.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.203.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-203-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Cover-slack.jpg
libn.com/wp-content/blogs.dir/1/files/2022/09/
Redirect Chain
  • https://libn.com/files/2022/09/Cover-slack.jpg
  • https://libn.com/wp-content/blogs.dir/1/files/2022/09/Cover-slack.jpg
432 KB
433 KB
Image
General
Full URL
https://libn.com/wp-content/blogs.dir/1/files/2022/09/Cover-slack.jpg
Protocol
H2
Server
18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
56cbd02210e2d73d74eb6246dacb2e5b64ea7d8606b0a3f495875a0df8c8923f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-zephr-cache
miss
date
Fri, 02 Sep 2022 03:51:36 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
age
25756
x-cache
Hit from cloudfront
content-length
442306
last-modified
Thu, 01 Sep 2022 18:53:22 GMT
server
nginx
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
4b-WLFG14skjRrMUpbThkaDP6rMLRgGRz3LNaCOO6ND5PrQyABHj0Q==
expires
Sun, 02 Oct 2022 03:51:36 GMT

Redirect headers

x-zephr-cache
miss
date
Fri, 02 Sep 2022 11:00:53 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-type
text/html
location
https://libn.com/wp-content/blogs.dir/1/files/2022/09/Cover-slack.jpg
cache-control
no-cache, no-store, no-transform
content-length
1327
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-id
s_Udnm9Qbn3aH2EWzgy9KlLOGgK9a_XUlACu_zwv38nSOhLdOdzK3A==
929be003-9551-4714-8ab0-c22328edddba.png
d1e00ek4ebabms.cloudfront.net/production/
3 MB
3 MB
Image
General
Full URL
https://d1e00ek4ebabms.cloudfront.net/production/929be003-9551-4714-8ab0-c22328edddba.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:8800:8:7f5f:1900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5b02a5cc9f7564e502b94191ce1deea31778164c8cfe3919ede3904a0e06491

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 06:01:45 GMT
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 22:40:54 GMT
server
AmazonS3
age
17948
etag
"f8df0ef15e9a2f2c97064b4a2f696a2d"
x-cache
Hit from cloudfront
x-amz-version-id
ixA_6pwHkH0QQDrNKub39f8v5uWAWYtj
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
image/png
content-length
3277984
x-amz-cf-id
WYFiaJq__0qyV0KpPkS1YI3NFWkwFydV4nLW92VNL6rTyp7OKAGe1Q==
631124760c68b.image.jpg
bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/assets/v3/editorial/7/46/74669e33-6ab9-55c9-a471-e3670a3cb556/
21 KB
21 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/assets/v3/editorial/7/46/74669e33-6ab9-55c9-a471-e3670a3cb556/631124760c68b.image.jpg?crop=1763%2C926%2C0%2C124&resize=438%2C230&order=crop%2Cresize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31eea44d2dd8619e65eb81e435ae31f61bbcb4226260e1beb2eefdb8d37ad8c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
cf-cache-status
HIT
age
13316
cf-polished
origSize=21794, status=webp_bigger
last-modified
Thu, 01 Sep 2022 21:30:30 GMT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800
content-length
21573
x-vcache
MISS
server
cloudflare
etag
"8eac4cce3314f8a389a52d13ca2ce1ed"
x-robots-tag
noarchive
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 01 Sep 2023 21:42:12 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7445be9748f5d3b3-CDG
cf-bgj
imgq:85,h2pri
700.png
storage.googleapis.com/afs-prod/media/afs:Medium:751921853724/
34 KB
35 KB
Image
General
Full URL
https://storage.googleapis.com/afs-prod/media/afs:Medium:751921853724/700.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4762cfe585d92b9a6c91f3fef5e64c7458b8da6cbf545fc1833cb421d88aac94

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
age
1
x-guploader-uploadid
ADPycduCmdKo2fJXdx31h9wo1gS6w2zC94UBr-FdykyPHI6PbmivQt1ZqG-Pft_jdwfC8BUub3vyTPXGpGrEAwxOGxuLpQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35079
last-modified
Wed, 29 Sep 2021 09:24:15 GMT
server
UploadServer
etag
"e43533fcabd4d085640223ec032a8c53"
x-goog-hash
crc32c=G4iexg==, md5=5DUz/KvU0IVkAiPsAyqMUw==
x-goog-generation
1632907455594206
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache
x-goog-stored-content-length
35079
accept-ranges
bytes
content-type
image/png
expires
Sat, 02 Sep 2023 11:00:52 GMT
Gates-Briggs.jpeg
vtdigger.org/wp-content/uploads/2022/08/
101 KB
101 KB
Image
General
Full URL
https://vtdigger.org/wp-content/uploads/2022/08/Gates-Briggs.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbadc9fdbf34d795fbce0dce4700115deee681ec5a3e5a02fd9fa7d12f42184f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
103278
last-modified
Wed, 17 Aug 2022 13:15:56 GMT
server
cloudflare
etag
"62fcea0c-1936e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWI4gd8EiP1VptLII9yUEf5zA%2F4%2Bb9dReWAG30aYaFlGR2GoAhc%2FpH98esOjXTPjJPeblbHmETI7kAnqJ5BSLji%2B8QStwcNVzWbP%2Bh0JtMf0B1r3ZyK2bsSSEKQQSXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7445be979e43d706-CDG
RQI3ZYC5JBEHPCWDG5WEW33F6A.jpg
www.syracuse.com/resizer/lJgyNffsrrZRjn3kMgMsfRPpPuM=/1280x0/filters:focal(729x266:739x256)/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/
198 KB
199 KB
Image
General
Full URL
https://www.syracuse.com/resizer/lJgyNffsrrZRjn3kMgMsfRPpPuM=/1280x0/filters:focal(729x266:739x256)/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/RQI3ZYC5JBEHPCWDG5WEW33F6A.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::5435:a1d9 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9cd23201546664c13734862b76e15f97be70fd7081a793c9ba10bb71fb15269c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 02 Sep 2022 11:00:53 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Sep 2022 21:18:31 GMT
server
Akamai Image Manager
etag
"033f5ee1a4be549a9a77982ce293bbadc12c28f8"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31486629
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=582
content-length
203024
expires
Fri, 01 Sep 2023 21:18:02 GMT
19_MH_186.jpeg
news.illinoisstate.edu/files/2021/10/
0
0
Image
General
Full URL
https://news.illinoisstate.edu/files/2021/10/19_MH_186.jpeg?w=640
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.18.122.99 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-122-99.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

webArmy1-800x450.jpg
upstatebusinessjournal.com/wp-content/uploads/sites/2/2020/06/
72 KB
73 KB
Image
General
Full URL
https://upstatebusinessjournal.com/wp-content/uploads/sites/2/2020/06/webArmy1-800x450.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.33 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10033.sucuri.net
Software
nginx /
Resource Hash
cfdc130dd9ae6205f728580bce2f9e506073a7b72f47ab30be0ab2d7613ad425
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:54 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
74018
x-xss-protection
1; mode=block
last-modified
Sat, 18 Sep 2021 14:22:32 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"6145f628-12122"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
x-sucuri-id
13033
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Industry%20News.png
fj-corp-pub.s3.us-east-2.amazonaws.com/s3fs-public/2020-11/
562 KB
562 KB
Image
General
Full URL
https://fj-corp-pub.s3.us-east-2.amazonaws.com/s3fs-public/2020-11/Industry%20News.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.98.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4da291d0f08d7c511fee94f74db4d91ad0c21478ce8aa11728f2e7dabcc5cdb3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:54 GMT
Last-Modified
Wed, 11 Nov 2020 20:41:22 GMT
Server
AmazonS3
x-amz-request-id
RYPTTKV69V0MQWCD
ETag
"d6ba01a9a192d68be60fe8376cbf38e3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
575471
x-amz-id-2
wiXhj35/cL3V1E5ingWGLuLcGoV+ohHGKAZzFrR/yuw4QA8I5BegpgZzt9iGWogqXtBf6ttk42M=
web-AdobeStock_91398225.jpg
thecoastnews.com/wp-content/uploads/2022/08/
102 KB
103 KB
Image
General
Full URL
https://thecoastnews.com/wp-content/uploads/2022/08/web-AdobeStock_91398225.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1146577e5c8acec5d0149ff16b4dfe49ec836d4ce0fd9bf38aba90d04f1b022
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20821
cf-polished
degrade=85, origSize=127066, status=vary_header_present
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Thu, 01 Sep 2022 01:05:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
x-origin-cache-control
public, max-age=604800
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lnm5SyUXFGPNB3I9ZXULk%2FUepv0YrELBFPSJweVNfVv%2FrebKZT7f37NSEFEkpVMlTCqFWjN61I3HDUMEnGuSq0Dz6gjbyUCBTqcO665Eh6UJ4IbktrAcMT9mI07GYFUL4YAzxbk1h4OkVSbZ8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding,User-Agent,Origin
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7445be96cdadd3af-CDG
display
staticcontent_sol
cf-bgj
imgq:85,h2pri
In-other-coffee-business-news%E2%80%A6-26-August-1-September-2022.jpg
www.worldcoffeeportal.com/getattachment/510c54f7-e198-408f-9833-d0d5c7d7caad/
37 KB
37 KB
Image
General
Full URL
https://www.worldcoffeeportal.com/getattachment/510c54f7-e198-408f-9833-d0d5c7d7caad/In-other-coffee-business-news%E2%80%A6-26-August-1-September-2022.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
151.236.34.12 Reading, United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS
SF-19106.tagadab.com
Software
/
Resource Hash
84e2920345d11676b751ceda674f610a454c6552f5e68ced740f76adbbd759b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 01 Sep 2022 16:13:37 GMT
etag
"en-gb|510c54f7-e198-408f-9833-d0d5c7d7caad|9/1/2022 4:13:37 PM|LiveSite"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, must-revalidate
date
Fri, 02 Sep 2022 11:00:51 GMT
content-disposition
inline; filename="Friends2-(1).jpg"
accept-ranges
bytes
content-length
37450
expires
Fri, 02 Sep 2022 11:00:52 GMT
JennieTurkey_Lead.jpg
www.foodbusinessnews.net/ext/resources/2022/09/01/
52 KB
52 KB
Image
General
Full URL
https://www.foodbusinessnews.net/ext/resources/2022/09/01/JennieTurkey_Lead.jpg?height=418&t=1662052216&width=800
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.91.60.86 , United States, ASN14244 (AS-NSI-GLOBAL, US),
Reverse DNS
foodbusinessnews.net
Software
nginx /
Resource Hash
de4330423f64f7e1526eb8c5cf8df46a4ef7a5a4f23b4fe5c69d9259ab6a73bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:53 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Age
63448
X-Cache
HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
Content-Length
52777
X-XSS-Protection
1; mode=block
Pragma
cache
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"1c5ba4af13dfedca39a90497f623ba06"
Vary
User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
private, private
Allow-Ranges
bytes
Content-Security-Policy
frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges
bytes
yishi-oatmeal-LEAD.jpg
www.foodbusinessnews.net/ext/resources/2022/09/01/
29 KB
29 KB
Image
General
Full URL
https://www.foodbusinessnews.net/ext/resources/2022/09/01/yishi-oatmeal-LEAD.jpg?height=418&t=1662047333&width=800
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.91.60.86 , United States, ASN14244 (AS-NSI-GLOBAL, US),
Reverse DNS
foodbusinessnews.net
Software
nginx /
Resource Hash
a3f1ff9d4219143e923e18b8a3e4c976ddf7cf9970d94320f33d39d64aa0ad46
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:53 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Age
68613
X-Cache
HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
Content-Length
29419
X-XSS-Protection
1; mode=block
Pragma
cache
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"1210056115d40913b4751267d8f6f0d9"
Vary
User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
private, private
Allow-Ranges
bytes
Content-Security-Policy
frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges
bytes
220901-donald-trump-se-1013a-8072b2.jpg
media-cldnry.s-nbcnews.com/image/upload/t_nbcnews-fp-1024-512,f_auto,q_auto:best/rockcms/2022-09/
43 KB
43 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_nbcnews-fp-1024-512,f_auto,q_auto:best/rockcms/2022-09/220901-donald-trump-se-1013a-8072b2.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4ae::a1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
e8c2ea90a682d445f72bc8f683e06e892d503d04d6f2759ae715a010bffafb0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
cache-tag
403769271565249431029854477602302033025,495165933008730068345314723616756536562,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="220901-donald-trump-se-1013a-8072b2.webp"
content-length
43832
x-served-by
cache-iad-kiad7000065-IAD
last-modified
Thu, 01 Sep 2022 15:41:44 GMT
server
cloudinary
x-timer
S1662116454.507931,VS0,VE1
etag
"40ce32aebfc5c36aa07fe41586cac389"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 02 Sep 2023 17:00:53 GMT
cache-control
public, private, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
TBJCrowdfundingLead.jpg
www.foodbusinessnews.net/ext/resources/2022/09/01/
72 KB
73 KB
Image
General
Full URL
https://www.foodbusinessnews.net/ext/resources/2022/09/01/TBJCrowdfundingLead.jpg?height=418&t=1662046387&width=800
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.91.60.86 , United States, ASN14244 (AS-NSI-GLOBAL, US),
Reverse DNS
foodbusinessnews.net
Software
nginx /
Resource Hash
a087c5931eee3bc80739f946782a653dd5f4ef7c56ddde6f01b6055928cddc3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:53 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Age
69484
X-Cache
HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
Content-Length
73762
X-XSS-Protection
1; mode=block
Pragma
cache
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"a72b4c55b8f4347ca8e42229db6c2188"
Vary
User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
private, private
Allow-Ranges
bytes
Content-Security-Policy
frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges
bytes
natureknit-LEAD.jpg
www.foodbusinessnews.net/ext/resources/2022/09/01/
50 KB
51 KB
Image
General
Full URL
https://www.foodbusinessnews.net/ext/resources/2022/09/01/natureknit-LEAD.jpg?height=418&t=1662045436&width=800
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.91.60.86 , United States, ASN14244 (AS-NSI-GLOBAL, US),
Reverse DNS
foodbusinessnews.net
Software
nginx /
Resource Hash
8a7b07cbe59acad35d743646b388025a803584388e4dce07a88c29cd5e73ef41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:53 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Age
51648
X-Cache
HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
Content-Length
51289
X-XSS-Protection
1; mode=block
Pragma
cache
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"894319fabeb040b86b2477fe1d7cca05"
Vary
User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
private, private
Allow-Ranges
bytes
Content-Security-Policy
frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges
bytes
b45f9d4a-72b9-4897-b500-d075179cea6c-20220817_090901.jpg
www.gannett-cdn.com/presto/2022/09/01/NPOH/
263 KB
264 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2022/09/01/NPOH/b45f9d4a-72b9-4897-b500-d075179cea6c-20220817_090901.jpg?crop=1999,1125,x0,y185&width=1600&height=800&format=pjpg&auto=webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44844aa5f06d072af5492a4a2e4cf1cbc3c1d78506a2134573ea154d14ba72dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-goog-hash
crc32c=XLHmSw==, md5=iOCcAYrHRhS6zRgsAtKROw==
date
Fri, 02 Sep 2022 11:00:53 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
73079
x-guploader-uploadid
ADPycdsD58dVPtLP-_8MwuOcSnva0Cz5d_j9b6UvLugaHpZU2a6XpfJumgktZxf_-tvXaVvmFiY94VuRydQxvsy1pu3GGA
x-cache
HIT, HIT
fastly-io-info
ifsz=687024 idim=2000x1500 ifmt=jpeg ofsz=269480 odim=1600x800 ofmt=webp
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
269480
x-served-by
cache-iad-kiad7000132-IAD, cache-cdg20751-CDG
vcl_data
4teo2sTrkRpe2BJzz4IyqE.276_19-d67f777fe0dcab85008fe2987e46a5f1
server
UploadServer
x-timer
S1662116453.034057,VS0,VE4
etag
"q0k6sqTFd3jjzvhPe50voBhxfZGVapOrmBT9Pt9N++s"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
x-goog-generation
1662043372738556
expires
Thu, 01 Sep 2022 14:42:53 GMT
cache-control
max-age=2592000
x-goog-stored-content-length
687024
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
59c096571ba28.image.jpg
bloximages.chicago2.vip.townnews.com/tribstar.com/content/tncms/assets/v3/editorial/0/e2/0e25b484-c9d9-55d1-bb18-c6e5b4c0cda7/
6 KB
6 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/tribstar.com/content/tncms/assets/v3/editorial/0/e2/0e25b484-c9d9-55d1-bb18-c6e5b4c0cda7/59c096571ba28.image.jpg?crop=514%2C514%2C0%2C42&resize=200%2C200&order=crop%2Cresize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8186ba1b56cd38f65283f1c1355e0457d6f49505303ed3608a8816e97e930db
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
vary
Accept
cf-cache-status
HIT
age
13314
cf-polished
qual=85, origFmt=jpeg, origSize=6224
last-modified
Tue, 19 Sep 2017 04:00:23 GMT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="59c096571ba28.webp"
content-length
5700
x-vcache
MISS
server
cloudflare
etag
"b439bb5cc0af2f28ddcec6d72f505f60"
x-robots-tag
noarchive
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 01 Sep 2023 13:28:46 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7445be97a9f0d3b3-CDG
cf-bgj
imgq:85,h2pri
NeutralFoods_Lead.jpg
www.foodbusinessnews.net/ext/resources/2022/09/01/
26 KB
26 KB
Image
General
Full URL
https://www.foodbusinessnews.net/ext/resources/2022/09/01/NeutralFoods_Lead.jpg?height=418&t=1662041366&width=800
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.91.60.86 , United States, ASN14244 (AS-NSI-GLOBAL, US),
Reverse DNS
foodbusinessnews.net
Software
nginx /
Resource Hash
48d22275c1a0416ee70701af586876fde887a03a1b31b58f2278912878e0ce0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 11:00:53 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Age
74903
X-Cache
HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
Content-Length
26415
X-XSS-Protection
1; mode=block
Pragma
cache
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"15011dc15089ee7459427b1475edf27f"
Vary
User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
private, private
Allow-Ranges
bytes
Content-Security-Policy
frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges
bytes
3M_Logo.jpg
mma.prnewswire.com/media/1343410/
24 KB
25 KB
Image
General
Full URL
https://mma.prnewswire.com/media/1343410/3M_Logo.jpg?p=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63aac1d07f5e692f1f19c1e7690ea820293658c5e23dca6ea141be3d1aecc4bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
cf-cache-status
HIT
age
5402
x-powered-by
ASP.NET
content-length
25060
last-modified
Fri, 02 Sep 2022 09:30:51 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 02 Sep 2022 09:30:52 GMT
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
7445be977f7fd6e6-CDG
access-control-allow-headers
Content-Type
cf-bgj
h2pri
ePlus_Logo.jpg
mma.prnewswire.com/media/1582360/
31 KB
32 KB
Image
General
Full URL
https://mma.prnewswire.com/media/1582360/ePlus_Logo.jpg?p=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d0abacb195e590e2b8e3203f6019e27d97c428f4e5f3b5d5dd6ee888564ab4d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
cf-cache-status
HIT
age
5603
x-powered-by
ASP.NET
content-length
31980
last-modified
Fri, 02 Sep 2022 09:19:27 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 02 Sep 2022 09:19:28 GMT
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
7445be977f81d6e6-CDG
access-control-allow-headers
Content-Type
cf-bgj
h2pri
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6591068858863614&plah=paipal.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Sep 2022 11:00:53 GMT
Expresso-Business-FE1200x630.jpg
www.financialexpress.com/wp-content/uploads/2022/04/
0
0
Image
General
Full URL
http://www.financialexpress.com/wp-content/uploads/2022/04/Expresso-Business-FE1200x630.jpg
Protocol
HTTP/1.1
Server
23.7.203.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-203-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0721
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://paipal.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 10:24:54 GMT
expires
Sat, 02 Sep 2023 10:24:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C186
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60041a877fa900268d7940d6e2009d287a1be0a8b1aeff7b675eba82d190e90e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GENrzUy-xZSgP1TJjiQ58Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paipal.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-GENrzUy-xZSgP1TJjiQ58Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 11:00:53 GMT
expires
Fri, 02 Sep 2022 11:00:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 0721
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 10:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 10:06:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C186
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220831&jk=3263793413342703&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 0721
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?MFKKIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:00:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
19_MH_186.jpeg
news.illinoisstate.edu/files/2021/10/
0
0
Image
General
Full URL
http://news.illinoisstate.edu/files/2021/10/19_MH_186.jpeg?w=640
Protocol
HTTP/1.1
Server
3.18.122.99 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-122-99.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220831&jk=3263793413342703&bg=!U1ClUBTNAAZTikH4c4o7ACkAdvg8WkJgxcS7rCccJRL6DeYOhuXIQfDBx_XoowaShNoYOBvVPYpXNgIAAABKUgAAAANoAQcKAJKzxjLBmuZE0lNNMDfx_Kmm7XWcRvBkeeQBPxcYDRx5ndMSFaqvStfeOLims1rYfnkvAseOTzJr46vP7NWwoaezvuZb6jSlAdvUjj9QXEor-HICJN4YErTBlxhtv5yS86Ti_Gye6QQHGtfpaYaZ7ylLJ3N4FxxR32Qrurfxb1Qj9uOTF1Dzkg31gUOCE_h0CHAiTpkCm9b1XqZt3lHTcDnntPz-W8zfOlruoMzJe6_KkCVANk7JSExu27dlUjFNcM6DAcu-UfCqetgpi45xn-9AW03-LvaFqzqN2QhAgn2IKE_NynMsAr9CAYB6raRqTjOXO_VwK9VDU7lBf5Hipe0BwXP_HwqDcQax6YgIMbjrSgYQecU_2xEN8G6IMOluXLwC5i4jaS5WXHv7q7kPa8eaOaNA3hPmCKr6e9jU1OcRVMQzmX3FjHWVjeT7BynRrsli7AmmJfi7YKpzeFzgmcfo7F7K5B-MnCqY_rFRK21SwFRSjMWQvA_CxgsqB03RVr1AcCu7KKXRHMbh3GOFnu5AXD6weTJWTtML383u7uGA5yoWobVwdCCbIyluIP2NhfBZ6698G8z_cmnG_xJLD3d7CB3JXw_1vexwEziyorHe6-k7G9E2jZrV9_3XHusEvNe9Iuw_p1Mn-z88G-C2XV9ub10BmJ3GIr53dtFvhKFU5emHz5zjT69tfuGOWh5j1xnLwYHox4uZw9NNYhJCIve2sxXVELnH2mwFRW8d7nwp7pziaLZHAR8AaXeiHuOu4P2_RwOPcAQJ0DGHvjbfg48uDB6RxXuM6Jyfn2YGWxmeiv_BexMEgZ_J7L-NivZHWh1JlKx-bIHV0nZBPkls-aG_o65qgI3PNj5voAnbscwbL1UeGf7lEPP3HwJvi4_jmh6H12UQsu_3ZhAy3RCQOKu_uFeEZO0l5hvB-nKH13tS9J2P00PNJ3fW9F7xfmmW9qF9e-cmQZch3ZtsZrjOEc8J5jTNbzsulk8YiY8uzvOtsp85gwiz7JWCoLf0jgDXQoH-FcJuv-TskjqTeByUNe6UgblmO65QQeOlTcVpLraOPFb6-RlLlLMTcXqMBBW6iiY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-657BC5VLFK&gtm=2oe8v0&_p=769191350&cid=1922215335.1662116452&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662116452&sct=1&seg=0&dl=http%3A%2F%2Fpaipal.fr%2F&dt=Welcome%20to%20paipal.fr&en=scroll&epn.percent_scrolled=90&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-657BC5VLFK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://paipal.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 11:00:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://paipal.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| gtag object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| requestGet function| requestPost function| getDataFromApi function| collectData function| updateOnPage function| updateWidget object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter undefined| RssApp_wall function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| elementQueries function| ResizeSensor function| ElementQueries object| $rssapp-wall:HH9Pb6AfLmzNxBuy_utils object| $rssapp-wall:HH9Pb6AfLmzNxBuy object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.paipal.fr/ Name: _ga_657BC5VLFK
Value: GS1.1.1662116452.1.0.1662116452.0.0.0
.paipal.fr/ Name: _ga
Value: GA1.1.1922215335.1662116452
.paipal.fr/ Name: __gads
Value: ID=0e9cd3fa46b6c4e7-22cf0a4c10ce004f:T=1662116452:RT=1662116452:S=ALNI_MZmkiC3q4pSqNxLWXD1Jd-Sy1wXMA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.prnewswire.com/ Name: __cf_bm
Value: _xCVrJUU_mQhGZyrhnI4c_TPtbxYvsZA1_9MyU2Elbg-1662116453-0-Af5j6AliM0kWNa8dVi7iQ1Eir+7mvME8DT7+pIiFC+6kZ2BCqB+iOB4764lhS28iL4W6k8LXjgY5xR5xqWk97P0=

4 Console Messages

Source Level URL
Text
network error URL: https://www.financialexpress.com/wp-content/uploads/2022/04/Expresso-Business-FE1200x630.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: http://www.financialexpress.com/wp-content/uploads/2022/04/Expresso-Business-FE1200x630.jpg
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://news.illinoisstate.edu/files/2021/10/19_MH_186.jpeg?w=640
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: http://news.illinoisstate.edu/files/2021/10/19_MH_186.jpeg?w=640
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
