184379-605899-raikfcquaxqncofqfm.stackpathdns.com Open in urlscan Pro
151.139.243.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Submission: On November 05 via manual (November 5th 2018, 1:59:15 pm UTC) from FR

Summary HTTP 204 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 39 domains to perform 204 HTTP transactions. The main IP is 151.139.243.1, located in Dallas, United States and belongs to HIGHWINDS2 - Highwinds Network Group, Inc., US. The main domain is 184379-605899-raikfcquaxqncofqfm.stackpathdns.com.

This is the only time 184379-605899-raikfcquaxqncofqfm.stackpathdns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	151.139.243.1 151.139.243.1	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2600:9000:200... 2600:9000:2002:fc00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
36	52.58.106.139 52.58.106.139	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.93.83.146 54.93.83.146	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81b::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
4	178.250.0.93 178.250.0.93	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.33.223.216 185.33.223.216	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
5	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
31	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	23.8.170.84 23.8.170.84	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	104.18.134.145 104.18.134.145	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	88.221.144.8 88.221.144.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.194.201.158 18.194.201.158	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.230.129.86 54.230.129.86	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.135.143.44 147.135.143.44	16276 (OVH) (OVH)
2	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.121.108 151.101.121.108	54113 (FASTLY) (FASTLY - Fastly)
1	104.18.135.145 104.18.135.145	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:204... 2600:9000:2048:1200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	18.185.153.197 18.185.153.197	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.162.124.189 35.162.124.189	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.230.129.232 54.230.129.232	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	50.18.89.175 50.18.89.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.16.186.57 2.16.186.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	130.211.24.68 130.211.24.68	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
1	2606:4700::68... 2606:4700::6810:cea5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a02:26f0:eb:... 2a02:26f0:eb:182::c09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:1d::84 2a04:4e42:1d::84	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	54.230.129.100 54.230.129.100	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	54.230.129.53 54.230.129.53	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.194.2 151.101.194.2	54113 (FASTLY) (FASTLY - Fastly)
1	54.230.129.119 54.230.129.119	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY - Fastly)
8	13.74.157.134 13.74.157.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
1 5	18.184.58.214 18.184.58.214	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.77.188.87 54.77.188.87	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
204	54

30 151.139.243.1 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

184379-605899-raikfcquaxqncofqfm.stackpathdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2002:fc00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 52.58.106.139 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com

www.rougeframboise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.83.146 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-83-146.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2010 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.93 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.216 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.8.170.84 (Cambridge, United States)

ASN3257 (GTT-BACKBONE GTT, DE)
PTR: a23-8-170-84.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.134.145 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.144.8 (Italy)

ASN20940 (AKAMAI-ASN1, US)
PTR: a88-221-144-8.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.201.158 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-201-158.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.129.86 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-129-86.ams50.r.cloudfront.net

cdn.elasticad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.143.44 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.113 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

middycdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.121.108 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.135.145 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2048:1200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.153.197 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-153-197.eu-central-1.compute.amazonaws.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.124.189 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-162-124-189.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.129.232 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-129-232.ams50.r.cloudfront.net

de5zarwna0j2q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.18.89.175 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-50-18-89-175.us-west-1.compute.amazonaws.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.57 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-57.deploy.static.akamaitechnologies.com

h.mnet-ad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.24.68 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 68.24.211.130.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cea5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:182::c09 (European Union)

ASN20940 (AKAMAI-ASN1, US)

csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1d::84 (European Union)

ASN54113 (FASTLY - Fastly, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.230.129.100 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-129-100.ams50.r.cloudfront.net

api.adrock.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.129.53 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-129-53.ams50.r.cloudfront.net

cdn.adrock.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.129.119 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-129-119.ams50.r.cloudfront.net

api.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.74.157.134 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

api.logmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.58.214 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-58-214.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.188.87 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-188-87.eu-west-1.compute.amazonaws.com

ingestion-gateway-test.adr0ck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	rougeframboise.com www.rougeframboise.com	20 KB
34	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	94 KB
30	stackpathdns.com 184379-605899-raikfcquaxqncofqfm.stackpathdns.com	5 MB
8	logmatic.io api.logmatic.io	7 KB
8	adrock.tv api.adrock.tv cdn.adrock.tv	89 KB
7	media.net contextual.media.net navvy.media.net lg3.media.net	61 KB
6	seedtag.com config.seedtag.com s.seedtag.com cs.seedtag.com	147 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	198 KB
5	360yield.com 1 redirects ad.360yield.com	8 KB
5	facebook.com www.facebook.com staticxx.facebook.com	490 B
5	facebook.net connect.facebook.net	132 KB
5	gstatic.com fonts.gstatic.com	70 KB
4	smartadserver.com csync.smartadserver.com prg.smartadserver.com	3 KB
4	criteo.com bidder.criteo.com	888 B
3	adr0ck.com ingestion-gateway-test.adr0ck.com	711 B
3	adnxs.com ib.adnxs.com acdn.adnxs.com	30 KB
3	google-analytics.com 1 redirects www.google-analytics.com	34 KB
3	ezoic.net go.ezoic.net g.ezoic.net	52 KB
2	pinterest.com assets.pinterest.com log.pinterest.com	24 KB
2	taboola.com cdn.taboola.com	155 KB
2	browsiprod.com events.browsiprod.com yield-manager.browsiprod.com	336 B
2	akamaihd.net middycdn-a.akamaihd.net	6 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	6 KB
2	scorecardresearch.com b.scorecardresearch.com	2 KB
2	google.com 1 redirects adservice.google.com www.google.com	354 B
2	google.de adservice.google.de www.google.de	282 B
2	googleapis.com fonts.googleapis.com storage.googleapis.com	87 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	78 KB
1	pubstack.io api.pubstack.io	1 KB
1	criteo.net static.criteo.net	12 KB
1	onesignal.com onesignal.com	2 KB
1	mnet-ad.net h.mnet-ad.net	322 B
1	cloudfront.net de5zarwna0j2q.cloudfront.net
1	quantcount.com rules.quantcount.com	484 B
1	leadplace.fr tag.leadplace.fr
1	elasticad.net cdn.elasticad.net	30 KB
1	sonobi.com apex.go.sonobi.com	737 B
1	googletagservices.com www.googletagservices.com	9 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
204	39

	Domain	Requested by
36	www.rougeframboise.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
31	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
30	184379-605899-raikfcquaxqncofqfm.stackpathdns.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com www.rougeframboise.com
8	api.logmatic.io	cdn.adrock.tv 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
5	ad.360yield.com	1 redirects 184379-605899-raikfcquaxqncofqfm.stackpathdns.com cdn.adrock.tv
5	api.adrock.tv	184379-605899-raikfcquaxqncofqfm.stackpathdns.com cdn.adrock.tv
5	connect.facebook.net	184379-605899-raikfcquaxqncofqfm.stackpathdns.com connect.facebook.net
5	fonts.gstatic.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
5	pagead2.googlesyndication.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com pagead2.googlesyndication.com
4	www.facebook.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com connect.facebook.net
4	contextual.media.net	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
4	bidder.criteo.com	go.ezoic.net cdn.adrock.tv
3	ingestion-gateway-test.adr0ck.com	cdn.adrock.tv
3	prg.smartadserver.com	cdn.adrock.tv
3	cdn.adrock.tv	api.adrock.tv api.pubstack.io
3	s.seedtag.com	config.seedtag.com 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
3	www.google-analytics.com	1 redirects 184379-605899-raikfcquaxqncofqfm.stackpathdns.com www.googletagmanager.com
2	cdn.taboola.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com cdn.taboola.com
2	lg3.media.net	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	acdn.adnxs.com	config.seedtag.com go.ezoic.net
2	middycdn-a.akamaihd.net	storage.googleapis.com middycdn-a.akamaihd.net
2	b.scorecardresearch.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com cdn.taboola.com
2	config.seedtag.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com config.seedtag.com
2	g.ezoic.net	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
2	maxcdn.bootstrapcdn.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	log.pinterest.com	assets.pinterest.com
1	api.pubstack.io	cdn.adrock.tv
1	staticxx.facebook.com	connect.facebook.net
1	static.criteo.net	go.ezoic.net
1	assets.pinterest.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	csync.smartadserver.com	config.seedtag.com
1	cs.seedtag.com	config.seedtag.com
1	onesignal.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	h.mnet-ad.net	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	navvy.media.net	contextual.media.net
1	de5zarwna0j2q.cloudfront.net	cdn.elasticad.net
1	yield-manager.browsiprod.com	middycdn-a.akamaihd.net
1	events.browsiprod.com	middycdn-a.akamaihd.net
1	pixel.quantserve.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	edge.quantserve.com
1	tag.leadplace.fr	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	cdn.elasticad.net	storage.googleapis.com
1	edge.quantserve.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	www.google.de	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	ib.adnxs.com	go.ezoic.net
1	apex.go.sonobi.com	go.ezoic.net
1	storage.googleapis.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	www.googletagservices.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	www.googletagmanager.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	fonts.googleapis.com	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
1	go.ezoic.net	184379-605899-raikfcquaxqncofqfm.stackpathdns.com
204	57

This site contains links to these domains. Also see Links.

Domain
www.rougeframboise.com
www.facebook.com
fr.pinterest.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
*.stackpathdns.com COMODO RSA Domain Validation Secure Server CA	`2018-07-11` - `2020-08-07`	2 years	crt.sh
rougeframboise.com Let's Encrypt Authority X3	`2018-10-26` - `2019-01-24`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
g.ezoic.net COMODO RSA Domain Validation Secure Server CA	`2016-10-09` - `2019-10-13`	3 years	crt.sh
*.storage.googleapis.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.criteo.com DigiCert SHA2 Secure Server CA	`2017-11-21` - `2018-11-26`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2017-01-04` - `2019-02-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
cdn.elasticad.net COMODO RSA Domain Validation Secure Server CA	`2016-01-06` - `2019-02-02`	3 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2018-07-13` - `2019-06-07`	a year	crt.sh
ssl906354.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-06-21` - `2019-06-05`	a year	crt.sh
*.browsiprod.com COMODO ECC Domain Validation Secure Server CA	`2018-05-02` - `2019-05-24`	a year	crt.sh
*.seedtag.com COMODO RSA Domain Validation Secure Server CA	`2018-03-16` - `2020-04-14`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-10-10` - `2019-09-07`	a year	crt.sh
ssl473492.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-14` - `2019-02-20`	6 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2018-05-09` - `2019-05-09`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2018-10-23` - `2019-06-26`	8 months	crt.sh
*.criteo.net DigiCert SHA2 Secure Server CA	`2017-11-21` - `2018-11-26`	a year	crt.sh
*.adrock.tv Amazon	`2018-06-01` - `2019-07-01`	a year	crt.sh
*.pubstack.io Amazon	`2018-09-25` - `2019-10-25`	a year	crt.sh
api.logmatic.io Gandi Standard SSL CA 2	`2018-09-27` - `2020-09-30`	2 years	crt.sh
*.360yield.com COMODO RSA Domain Validation Secure Server CA	`2018-03-12` - `2020-03-11`	2 years	crt.sh
ingestion-gateway-test.adr0ck.com Amazon	`2018-08-07` - `2019-09-07`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Frame ID: 86C0C63A5ED38A4E0E57DC97B355D2A9
Requests: 194 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js
Frame ID: E87F56236AB53C514A43A4BE62FCA463
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?id=HIM3
Frame ID: 5FDEAFD22B16E85BB30F6C12CB5C2B42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Frame ID: 69C8FB7B641FDBA8991C8699A4F92F47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&h=31&slotname=dmo&adk=2981023279&adf=484426895&w=88&lmt=1541395600&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&flash=0&wgl=1&adsid=NT&dt=1541426336604&bpp=178&bdt=836&fdt=1165&idt=1157&shv=r20181031&cbv=r20180604&saldr=sa&abxe=1&correlator=3332829865315&frm=20&pv=2&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_fc=0&ga_wpids=UA-107998044-27&iag=0&icsg=35391235177600&dssz=80&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.u0qgaslvfeyp&fsb=1&xpc=sXElafrFD7&p=http%3A//184379-605899-raikfcquaxqncofqfm.stackpathdns.com&dtd=1229
Frame ID: DFD49EE725E7C31781D54ADAEB412319
Requests: 1 HTTP requests in this frame

Frame: http://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CUKY1173&cpcd=ZvIpgPcoFI3nvke2_t9z7g%3D%3D&crid=527397821&size=728x15&cc=DE&vif=1&requrl=http%3A%2F%2Fstackpathdns.com%2F&nse=3&vi=1541426337435534323&lw=1&ugd=4&re=1&nb=1
Frame ID: ECBC45476A34C84464E7BCB405CFA280
Requests: 2 HTTP requests in this frame

Frame: http://contextual.media.net/checksync.php?&gdpr=1&cs=2&cv=31&cid=8CUKY1173
Frame ID: 2F5CE094C37B09C0FDF0736C202EB130
Requests: 1 HTTP requests in this frame

Frame: http://cs.seedtag.com/cs.html?cmp=false&ga=true&cd=
Frame ID: F27D1A67E57AC8E6BBC0F3B5E94E2C58
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=2699&dcid=6
Frame ID: 0F8C40A7DCCCD558FD7304D284F9FF40
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5441CC8CFB819B7B5354D548AAC1EACA
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42
Frame ID: 943B09199480BED6CD0B6907014570A7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4828C56469553C21F62BADFB658776D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

TweenMax (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^TweenMax$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

MaxCDN (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^NetDNA/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /edge\.quantserve\.com\/quant\.js/i
env /^quantserve$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

204
Requests

80 %
HTTPS

38 %
IPv6

39
Domains

57
Subdomains

54
IPs

7
Countries

6524 kB
Transfer

10739 kB
Size

39
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rougeframboise.com/
Title: ×

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute
Title: Beauté

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/minceur
Title: Minceur

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/couple
Title: Couple

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/psycho
Title: Psycho

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/buzz
Title: Buzz

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/mode
Title: Mode

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/sante
Title: Santé

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/alimentation
Title: Alimentation

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/voyages
Title: Voyages

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rougframboise

Search URL Search Domain Scan URL

URL: https://fr.pinterest.com/rougef/

Search URL Search Domain Scan URL

URL: https://twitter.com/Rouge_Framboise

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Rougeframboise

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/buzz/voici-a-quoi-ressemblaient-certains-fruits-et-legumes-avant-quils-ne-soient-cultives-par-lhomme
Title: Voici à quoi ressemblaient certains fruits et légumes avant qu’ils ne soient cultivés par l’Homme

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/author/hassnaa-las
Title: Rouge Framboise

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/buzz/8-couples-qui-prouvent-que-lamour-peut-transformer-les-gens
Title: 8 couples qui prouvent que l’amour peut transformer les gens

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/sante/decouvrez-notre-recette-naturelle-pour-traiter-votre-toux
Title: Découvrez notre recette naturelle pour traiter votre toux

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/buzz/a-quoi-ressembleraient-nos-personnages-de-dessins-animes-preferes-sils-etaient-plus-ages
Title: A quoi ressembleraient nos personnages de dessins animés préférés s’ils étaient plus âgés

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/couple/les-4-plus-grands-defis-que-seules-les-relations-les-plus-solides-peuvent-surmonter
Title: Les 4 plus grands défis que seules les relations les plus solides peuvent surmonter

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute/decouvrez-notre-recette-naturelle-pour-preparer-votre-propre-creme-anti-rides

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute/5-astuces-pour-rajeunir-vos-mains-de-10-ans

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute/voila-ce-que-vous-devez-savoir-si-vous-avez-le-crane-qui-gratte

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute/4-qualites-peu-connues-de-lhuile-deglantier-qui-peuvent-revolutionner-votre-routine-de-soins-de-la-peau

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute/5-astuces-de-maquillage-pour-arriver-a-imiter-la-beaute-naturelle

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/minceur/8-astuces-simples-pour-perdre-du-poids-dans-2-semaines

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/minceur/8-types-de-grains-a-consommer-si-vous-desirez-perdre-du-poids

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/minceur/8-astuces-pour-paraitre-plus-fine-sur-vos-photos

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/sante/6-exercices-rajeunissants-qui-fournissent-de-lenergie-au-corps

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/buzz/decouvrez-ce-nouveau-accessoire-qui-plaira-a-toutes-les-personnes-frileuses

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/mode/quel-jean-choisir-selon-votre-morphologie

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/mode/7-vetements-qui-peuvent-alterer-la-forme-du-corps-le-plus-parfait

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/beaute/quel-maquillage-adopter-selon-votre-tenue

Search URL Search Domain Scan URL

URL: https://www.rougeframboise.com/celebrites/14-celebrites-qui-ont-enfreint-toutes-les-regles-de-la-mode

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 54

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1392078546&t=pageview&_s=1&dl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&ul=en-us&de=UTF-8&dt=Rouge%20Framboise%20-%20astuces%20beaut%C3%A9%2C%20sant%C3%A9%2C%20cuisine%20et%20bien-%C3%AAtre&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1026544038&gjid=878114917&cid=1379945631.1541426336&tid=UA-5082864-27&_gid=494089575.1541426336&_r=1&gtm=2ouas3&z=549109505 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_gid=494089575.1541426336&gjid=878114917&_v=j71&z=549109505 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_v=j71&z=549109505 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_v=j71&z=549109505&slf_rd=1&random=3431237547

Request Chain 154

https://ad.360yield.com/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%223c13bbbd-4081-4466-8350-13de6d1d5aab%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}} HTTP 302
https://ad.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%223c13bbbd-4081-4466-8350-13de6d1d5aab%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}

204 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/ 110 KB
27 KB 1737ms
1712ms Document
text/html 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 27c9408fc23ac3dfc71b8ccc271cd4259db970ab45ce2a18deaa22072d473e95

Request headers

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Display: pub_site_sol
Expires: Sun, 04 Nov 2018 13:58:55 GMT
Last-Modified: Mon, 05 Nov 2018 05:26:40 GMT
Pagespeed: off
Response: 200
Set-Cookie: ezoadgid_83619=-1; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 14:28:54 UTC ezoref_83619=; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 15:58:54 UTC ezoab_83619=mod21-; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 14:28:54 UTC active_template::83619=pub_site.1541426334; Path=/; Domain=rougeframboise.com; Expires=Wed, 07 Nov 2018 13:58:54 UTC lp_83619=https://www.rougeframboise.com/; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 15:58:55 UTC ezovid_83619=528213410; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 14:28:55 UTC ezovuuidtime_83619=1541426335; Path=/; Domain=rougeframboise.com; Expires=Wed, 07 Nov 2018 13:58:55 UTC ezovuuid_83619=327351d4-4e6f-4e06-7a3b-a5adcc399918; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 14:28:55 UTC ezopvc_83619=1; Path=/; Domain=rougeframboise.com; Expires=Mon, 05 Nov 2018 14:28:55 UTC ezCMPCCS=true; Path=/; Domain=rougeframboise.com; Expires=Tue, 05 Nov 2019 13:58:55 GMT
Vary: Accept-Encoding,X-APP-JSON
X-Middleton-Display: pub_site_sol
X-Middleton-Response: 200
X-Sol: pub_site
Server: NetDNA-cache/2.2
Access-Control-Allow-Origin: *
Link: <https://www.rougeframboise.com/>; rel="canonical"
Content-Encoding: gzip
X-Cache: MISS
Accept-Ranges: bytes
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK dall2.js Show response
go.ezoic.net/porpoiseant/ 161 KB
51 KB 67ms
16ms Script
application/javascript 2600:9000:2002:fc00:2:cb38:840:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://go.ezoic.net/porpoiseant/dall2.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 2600:9000:2002:fc00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 9147e1b9298e9b7cfc6e80210d0a1b935730f41b2638acb25523c262f21d4a4a

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 22:37:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Oct 2018 23:40:54 GMT
Server: nginx/1.14.0
Age: 228074
ETag: "282ab-5792a40110d80;579b60ccba82f-gzip"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6cb5674c966cf185ca044933e4011460.cloudfront.net (CloudFront)
Cache-Control: max-age=691200, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51175
X-Amz-Cf-Id: eOu7yrz86YgnW51l4lGb4PEf0p9lyGZSa3nH3yE28ufakn7Hw49oKg==

GET
H/1.1 200
OK 777b6cec76f30475c230255614a7f6af.css
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/ 770 KB
115 KB 11ms
9ms Stylesheet
text/css 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/777b6cec76f30475c230255614a7f6af.css
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f9adebeb75d9ff6fe47bf8765862b57a276448cebeb8feb7d69baf07b886f420

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Encoding: gzip
X-Sol: orig
Display: orig_site_sol
X-Ezoic-Cdn: Hit ds;mm;0548226cbba7ded8cb52323d4c8d295b;2-83619-2;86b43536-21bb-4c60-6737-63fa91094609
X-Cache: HIT
X-Middleton-Display: orig_site_sol
X-Middleton-Response: 200
Response: 200
Last-Modified: Tue, 30 Oct 2018 17:52:32 GMT
Server: NetDNA-cache/2.2
Cache-Control: max-age=2592000
Etag: W/"5bd89a60-c0879-gzip"
Vary: Accept-Encoding,Origin,X-APP-JSON
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Accept-Ranges: bytes
Link: <https://www.rougeframboise.com/wp-content/cache/min/1/777b6cec76f30475c230255614a7f6af.css>; rel="canonical"
Expires: Thu, 29 Nov 2018 17:58:57 UTC

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 26ms
7ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:17 GMT
Connection: Keep-Alive
ETag: "1518903977"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 6662

GET
H/1.1 200
OK css
fonts.googleapis.com/ 9 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lora%3A300%2C400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C500%2C600%2C700%2C900%7CPT+Sans+Narrow%3A300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.9.8

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

fa326ab5b5351bcbffbb9df304938414e7d1a0ef6d4890330ec4a92f88911c96

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Nov 2018 13:58:55 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Mon, 05 Nov 2018 13:58:55 GMT

GET
H/1.1 200
OK jquery-1.12.4.js Show response
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/busting/1/wp-includes/js/jquery/ 95 KB
34 KB 40ms
12ms Script
application/javascript 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 13:51:41 GMT
Server: NetDNA-cache/2.2
ETag: W/"5b87f66d-17ba0"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.rougeframboise.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4.js>; rel="canonical"
Expires: Sun, 25 Nov 2018 17:37:06 GMT

GET
H/1.1 200
OK js Show response
www.googletagmanager.com/gtag/ 86 KB
32 KB 50ms
22ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtag/js?id=UA-5082864-27

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

08b3872bc9a3575856d8453df7a8dbbf8d73f295571cbcab789bf1ae78f4163a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Encoding: gzip
Server: Google Tag Manager (scaffolding)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: http://www.googletagmanager.com
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Content-Length: 31816
X-XSS-Protection: 1; mode=block
Expires: Mon, 05 Nov 2018 13:58:55 GMT

GET
S 200 logo-rouge-framboise.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2016/11/ 5 KB
5 KB 39ms
31ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2016/11/logo-rouge-framboise.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 114f44d4cfdc554321cfbc1ac178ef14175715840f5d91c8f865765061a1e6ea

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Mon, 07 Nov 2016 21:30:17 GMT
server: nginx
etag: "5820f269-1384"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2016/11/logo-rouge-framboise.png>; rel="canonical"
content-length: 4996
expires: Sun, 25 Nov 2018 17:37:06 GMT

GET
S 200 10-couples-qui-prouvent-que-lamour-peut-transformer-les-gens-574x300.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/11/ 307 KB
308 KB 1593ms
1584ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/11/10-couples-qui-prouvent-que-lamour-peut-transformer-les-gens-574x300.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d2520aaaccb2d995f10fbce437d8c943336a8e05a4514608a6f09f5f4f10580a

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
display: staticcontent_sol
x-cache: MISS
status: 200
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Mon, 05 Nov 2018 13:53:02 GMT
server: nginx
etag: "5be04b3e-4cbd0-gzip"
vary: Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/11/10-couples-qui-prouvent-que-lamour-peut-transformer-les-gens-574x300.png>; rel="canonical"
expires: Wed, 05 Dec 2018 13:58:56 GMT

GET
S 200 decouvrez-notre-recette-naturelle-pour-traiter-votre-toux-574x300.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/ 232 KB
233 KB 1168ms
1160ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/decouvrez-notre-recette-naturelle-pour-traiter-votre-toux-574x300.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 540e1572968ea9bdfbe1cc3a476e82869b6bbd7b44788e63b111fcca36ac35e9

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
display: staticcontent_sol
x-cache: MISS
status: 200
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Mon, 05 Nov 2018 13:53:02 GMT
server: nginx
etag: "5be04b3e-3a167-gzip"
vary: Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/10/decouvrez-notre-recette-naturelle-pour-traiter-votre-toux-574x300.png>; rel="canonical"
expires: Wed, 05 Dec 2018 13:58:56 GMT

GET
S 200 a-quoi-ressembleraient-nos-personnages-de-dessins-animes-preferes-sils-etaient-plus-ages-574x300.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/ 277 KB
278 KB 1622ms
1614ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/a-quoi-ressembleraient-nos-personnages-de-dessins-animes-preferes-sils-etaient-plus-ages-574x300.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 254b578219512d33de217dafd8bae119a2af8ec1124e0f2f69a4648a545f9779

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
display: staticcontent_sol
x-cache: MISS
status: 200
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Mon, 05 Nov 2018 13:53:03 GMT
server: nginx
etag: "5be04b3f-45301-gzip"
vary: Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/10/a-quoi-ressembleraient-nos-personnages-de-dessins-animes-preferes-sils-etaient-plus-ages-574x300.png>; rel="canonical"
expires: Wed, 05 Dec 2018 13:58:56 GMT

GET
S 200 les-4-plus-grands-defis-que-seules-les-relations-les-plus-solides-peuvent-surmonter-600x300.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/ 20 KB
21 KB 38ms
30ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/les-4-plus-grands-defis-que-seules-les-relations-les-plus-solides-peuvent-surmonter-600x300.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 257a9f4f7aa4129ef3d6f4163a5df27f0e300c747ba8d484786322b6e94b81bd

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Mon, 29 Oct 2018 17:45:28 GMT
server: nginx
etag: "5bd74738-51aa"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/10/les-4-plus-grands-defis-que-seules-les-relations-les-plus-solides-peuvent-surmonter-600x300.jpg>; rel="canonical"
content-length: 20906
expires: Wed, 28 Nov 2018 17:45:38 GMT

GET
S 200 5-choses-qui-prouvent-que-les-personnes-qui-pleurent-beaucoup-sont-fortes-1-574x300.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/ 284 KB
284 KB 37ms
29ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/5-choses-qui-prouvent-que-les-personnes-qui-pleurent-beaucoup-sont-fortes-1-574x300.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a9a58b1e33c7bfcd6a07bdcb98033babdcc28f48e597daaeeff82ab842dee5ad

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Fri, 26 Oct 2018 17:41:24 GMT
server: nginx
etag: "5bd351c4-46f54"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/10/5-choses-qui-prouvent-que-les-personnes-qui-pleurent-beaucoup-sont-fortes-1-574x300.png>; rel="canonical"
content-length: 290644
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 24 KB
9 KB 74ms
43ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

29fc84934b88bc2b0775cd250653124451989c54ad68c37fe1e1dd9180c70fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "9 / 54 of 1000 / last-modified: 1541186538"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 8937
X-XSS-Protection: 1; mode=block
Expires: Mon, 05 Nov 2018 13:58:55 GMT

GET
H/1.1 200
OK rochester.js Show response
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/detroitchicago/ 3 KB
1 KB 480ms
474ms Script
application/javascript 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/detroitchicago/rochester.js?cb=181-0&v=8
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 872691e0bb2abb68e66674a5aabd2e3aa9f0fcf33f1e7ede7ebbd679a3341900

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Nov 2018 00:24:08 GMT
Server: NetDNA-cache/2.2
Etag: W/"c9a-579b7ab91fa00;579b7ab91fa00-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=691200, public
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.rougeframboise.com/detroitchicago/rochester.js>; rel="canonical"
Content-Length: 952

GET
H/1.1 200
OK banger.js Show response
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/porpoiseant/ 61 KB
12 KB 556ms
550ms Script
application/javascript 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/porpoiseant/banger.js?cb=181-0&bv=2&v=7&PageSpeed=off
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 09ba444df249598b50bd18a6e3a8f8c55c21fd6304e53a54ad7b4a40cdd0166c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.rougeframboise.com/porpoiseant/banger.js>; rel="canonical"

GET
S 200 decouvrez-notre-recette-naturelle-pour-preparer-votre-propre-creme-anti-rides2-600x600.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/ 38 KB
38 KB 35ms
28ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/decouvrez-notre-recette-naturelle-pour-preparer-votre-propre-creme-anti-rides2-600x600.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2c28e2cddbfbed4d09a2dca13524eee15c65b340d2d0587e353be940b8a51bce

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Thu, 18 Oct 2018 10:02:18 GMT
server: nginx
etag: "5bc85a2a-972d"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/10/decouvrez-notre-recette-naturelle-pour-preparer-votre-propre-creme-anti-rides2-600x600.jpg>; rel="canonical"
content-length: 38701
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 5-astuces-pour-rajeunir-vos-mains-de-10-ans-600x540.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 34 KB
34 KB 73ms
66ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/5-astuces-pour-rajeunir-vos-mains-de-10-ans-600x540.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 0ca3d7a0dff0ec30b0ca655467935d7b828ec48ce450b9a23b7377f5e7f9242a

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Thu, 27 Sep 2018 17:07:49 GMT
server: nginx
etag: "5bad0e65-8618"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/5-astuces-pour-rajeunir-vos-mains-de-10-ans-600x540.jpg>; rel="canonical"
content-length: 34328
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 voila-ce-que-vous-devez-savoir-si-vous-avez-le-crane-qui-gratte-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 551 KB
552 KB 37ms
29ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/voila-ce-que-vous-devez-savoir-si-vous-avez-le-crane-qui-gratte-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 4dca9b4626ba6d61a97c3d2288bbf3734391c8e5613ab95638ed1e94c37f0ab0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Fri, 21 Sep 2018 17:12:05 GMT
server: nginx
etag: "5ba52665-89cb3"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/voila-ce-que-vous-devez-savoir-si-vous-avez-le-crane-qui-gratte-600x600.png>; rel="canonical"
content-length: 564403
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 4-qualites-peu-connues-de-lhuile-deglantier-qui-peuvent-revolutionner-votre-routine-de-soins-de-la-peau-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 254 KB
255 KB 25ms
18ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/4-qualites-peu-connues-de-lhuile-deglantier-qui-peuvent-revolutionner-votre-routine-de-soins-de-la-peau-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 5de028249e0d9f7db944aa2a9b9f0309c6b0c30aefaa1dba84a0fb6dfc27dab6

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Wed, 19 Sep 2018 16:57:28 GMT
server: nginx
etag: "5ba27ff8-3f932"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/4-qualites-peu-connues-de-lhuile-deglantier-qui-peuvent-revolutionner-votre-routine-de-soins-de-la-peau-600x600.png>; rel="canonical"
content-length: 260402
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 5-astuces-de-maquillage-pour-arriver-a-imiter-la-beaute-naturelle-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 173 KB
173 KB 37ms
30ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/5-astuces-de-maquillage-pour-arriver-a-imiter-la-beaute-naturelle-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 073da4ebdd74940b4f28210d9c233722a80aabdd90d0fce38781baf5ccc71dea

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Mon, 17 Sep 2018 08:43:31 GMT
server: nginx
etag: "5b9f6933-2b29f"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/5-astuces-de-maquillage-pour-arriver-a-imiter-la-beaute-naturelle-600x600.png>; rel="canonical"
content-length: 176799
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 10-couples-qui-prouvent-que-lamour-peut-transformer-les-gens-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/11/ 482 KB
483 KB 1536ms
1529ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/11/10-couples-qui-prouvent-que-lamour-peut-transformer-les-gens-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 21c0aadf96f6847a8b84ec6ed636a3ba1d9f5b85a2ab75e07576e396a3d07982

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
display: staticcontent_sol
x-cache: MISS
status: 200
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Sat, 03 Nov 2018 00:24:08 GMT
server: nginx
etag: "5bdc7d3b-786de-gzip"
vary: Origin,Accept-Encoding,X-APP-JSON
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/11/10-couples-qui-prouvent-que-lamour-peut-transformer-les-gens-600x600.png>; rel="canonical"
expires: Wed, 05 Dec 2018 13:58:56 GMT

GET
S 200 8-astuces-simples-pour-perdre-du-poids-dans-2-semaines-600x480.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 33 KB
34 KB 73ms
66ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/8-astuces-simples-pour-perdre-du-poids-dans-2-semaines-600x480.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 405f41764f656c44d87efc7da1dc49cdb112a0e641f66cd5c123cd0ac6843d0c

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Wed, 26 Sep 2018 17:03:23 GMT
server: nginx
etag: "5babbbdb-85e9"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/8-astuces-simples-pour-perdre-du-poids-dans-2-semaines-600x480.jpg>; rel="canonical"
content-length: 34281
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 8-types-de-grains-a-consommer-si-vous-desirez-perdre-du-poids-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 527 KB
528 KB 36ms
30ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/8-types-de-grains-a-consommer-si-vous-desirez-perdre-du-poids-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 11912bef053a40c4c964ebf78e7a373366d04cbbb8dbcb49e9c96281da02d97c

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Mon, 24 Sep 2018 17:06:31 GMT
server: nginx
etag: "5ba91997-83d57"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/8-types-de-grains-a-consommer-si-vous-desirez-perdre-du-poids-600x600.png>; rel="canonical"
content-length: 539991
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 8-astuces-pour-les-filles-rondes-datteindre-la-pose-parfaite-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 413 KB
414 KB 36ms
29ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/8-astuces-pour-les-filles-rondes-datteindre-la-pose-parfaite-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 4102e6fb6b2d6d5232697d10efaa8a01f1d99fdce1fc71ae7561a7001a40bf8c

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Wed, 19 Sep 2018 09:29:11 GMT
server: nginx
etag: "5ba216e7-67387"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/8-astuces-pour-les-filles-rondes-datteindre-la-pose-parfaite-600x600.png>; rel="canonical"
content-length: 422791
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 6-exercices-rajeunissants-qui-fournissent-de-lenergie-au-corps-600x360.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 44 KB
44 KB 35ms
28ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/6-exercices-rajeunissants-qui-fournissent-de-lenergie-au-corps-600x360.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: cd40bc3d6036a67ba50e593d8a6ff0d377c78697cde984b54c626470790abc47

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Mon, 10 Sep 2018 16:49:48 GMT
server: nginx
etag: "5b96a0ac-aeea"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/6-exercices-rajeunissants-qui-fournissent-de-lenergie-au-corps-600x360.jpg>; rel="canonical"
content-length: 44778
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 cache-nez-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/ 363 KB
363 KB 35ms
29ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/10/cache-nez-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 55c8072d97ca03cbe2754a2d2291edb7944a27a08706ab332da8b68f926d9b85

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Fri, 19 Oct 2018 16:59:28 GMT
server: nginx
etag: "5bca0d70-5aa10"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/10/cache-nez-600x600.png>; rel="canonical"
content-length: 371216
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 quel-jean-choisir-selon-votre-morphologie-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 165 KB
166 KB 36ms
30ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/quel-jean-choisir-selon-votre-morphologie-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ddabebcdd17d5d3d3468c3c86fa3ba1ffc591478041369d2c3fe438ea8e47572

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Wed, 26 Sep 2018 10:10:53 GMT
server: nginx
etag: "5bab5b2d-2944a"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/quel-jean-choisir-selon-votre-morphologie-600x600.png>; rel="canonical"
content-length: 169034
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 7-vetements-qui-peuvent-alterer-la-forme-du-corps-le-plus-parfait-600x600.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 382 KB
383 KB 35ms
29ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/7-vetements-qui-peuvent-alterer-la-forme-du-corps-le-plus-parfait-600x600.png
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a6b5d16ab443740b17df9822107e88d89a9d78dae4b0a30252a52bcd50e545cb

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Tue, 18 Sep 2018 08:40:29 GMT
server: nginx
etag: "5ba0b9fd-5f852"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/7-vetements-qui-peuvent-alterer-la-forme-du-corps-le-plus-parfait-600x600.png>; rel="canonical"
content-length: 391250
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 quel-maquillage-adopter-selon-votre-tenue-600x600.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/ 63 KB
63 KB 72ms
65ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/09/quel-maquillage-adopter-selon-votre-tenue-600x600.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a7aa57eb02668bc4f802ac97f659272009e04165f847bfd8bbf638b77e38889d

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Wed, 12 Sep 2018 15:05:49 GMT
server: nginx
etag: "5b992b4d-fbf0"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/09/quel-maquillage-adopter-selon-votre-tenue-600x600.jpg>; rel="canonical"
content-length: 64496
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 14-celebrites-qui-ont-enfreint-toutes-les-regles-de-la-mode-600x600.jpg
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/08/ 66 KB
66 KB 37ms
31ms Image
image/jpeg 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/08/14-celebrites-qui-ont-enfreint-toutes-les-regles-de-la-mode-600x600.jpg
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbc2f768a68e81ab54b5b9552b81ca5c21e679e8903e6b4205c14da340abdce

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
last-modified: Mon, 27 Aug 2018 09:42:28 GMT
server: nginx
etag: "5b83c784-10848"
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/uploads/2018/08/14-celebrites-qui-ont-enfreint-toutes-les-regles-de-la-mode-600x600.jpg>; rel="canonical"
content-length: 67656
expires: Sun, 25 Nov 2018 18:02:22 GMT

GET
S 200 e3faa4488b89216bcb7ee9e5068ba6ea.js Show response
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/ 833 KB
214 KB 2027ms
2021ms Script
application/javascript 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 6539edc020d1c5f2e90dedcdb9e972221044a578c7ca03c1482d6a05d1c67cdd

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
display: staticcontent_sol
x-cache: MISS
status: 200
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Sat, 03 Nov 2018 00:24:08 GMT
server: nginx
etag: W/"5bd89a60-d02b3-gzip"
vary: Accept-Encoding,Origin,X-APP-JSON
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js>; rel="canonical"
expires: Wed, 05 Dec 2018 13:58:56 GMT

GET
S 200 anchorfix.js Show response
www.rougeframboise.com/ezoic/ 879 B
1009 B 116ms
41ms Script
application/javascript 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rougeframboise.com/ezoic/anchorfix.js?v1
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 879
expires: Mon, 12 Nov 2018 13:58:55 GMT

GET
S 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 54 KB
21 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

026610e4d329e0db1dc68a69334f3d6d8045af498789ab1641ebcb055e99a6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21153
x-xss-protection: 1; mode=block
server: cafe
etag: 15526438577649574605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Nov 2018 13:58:55 GMT

GET
S 200 style.css
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/themes/thevoux-wp/ 1 KB
1 KB 60ms
13ms Stylesheet
text/css 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/themes/thevoux-wp/style.css
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 85ac97d1f738ae830c0951515015d4f83f694eefff40a05e7a456b61c29ea41b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:55 GMT
content-encoding: gzip
last-modified: Mon, 07 Nov 2016 20:27:42 GMT
server: nginx
status: 200
etag: W/"5820e3be-573"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/themes/thevoux-wp/style.css>; rel="canonical"
content-length: 761
expires: Sun, 25 Nov 2018 17:37:08 GMT

GET
S

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

8ms
7ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 3061
date: Mon, 05 Nov 2018 13:07:55 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17168
expires: Mon, 05 Nov 2018 15:07:55 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
S 200 ezosuigeneris.js Show response
g.ezoic.net/ 514 B
926 B 116ms
22ms Script
text/javascript 54.93.83.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.83.146 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-83-146.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: 42a46510fc273560e4264ee503077fe6f33bd06aed726ff77bbbcfcffb9a072c

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
last-modified: Sat, 03 Nov 2018 00:24:08 GMT
server: nginx/1.14.0
etag: c31cef5540ed25f580c684374e7c0beb
vary: Accept-Encoding,X-APP-JSON
content-type: text/javascript
status: 200
cache-control: max-age=999999, private
content-length: 514
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
S 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
111 B 104ms
10ms Script
text/html 54.93.83.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.83.146 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-83-146.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 05 Nov 2018 13:58:56 GMT
cache-control: max-age=300, private
server: nginx/1.14.0
content-length: 0
vary: Accept-Encoding,X-APP-JSON
content-type: text/html; charset=utf-8

GET
S 200 rougeframboisekompagnion.js Show response
storage.googleapis.com/kompagnion/rougeframboise/ 85 KB
85 KB 102ms
7ms Script
text/javascript 2a00:1450:4001:81b::2010
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/kompagnion/rougeframboise/rougeframboisekompagnion.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:81b::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fa0d5b8b17aaa61e6b9d3c66ec972796fe24315e5f1260e4caecfbbf75a52ecb

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:39:48 GMT
age: 1148
x-guploader-uploadid: AEnB2UrSqIdEksa28Uapj46C_rRVUo0NbgaeNF4XTvG8roAaDACv4BciMXsWjIWnrz_5gS91J1db3qxG25CJEE6uO4v8T1J6wQ
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 86696
last-modified: Fri, 28 Sep 2018 10:53:44 GMT
server: UploadServer
etag: "005e31d57dfd61858bffca3e4ea6c3fc"
x-goog-hash: crc32c=66g3dg==, md5=AF4x1X39YYWL/8o+TqbD/A==
content-language: fr
x-goog-generation: 1538132024230608
cache-control: public,max-age=3600
x-goog-stored-content-length: 86696
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 05 Nov 2018 14:39:48 GMT

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
222 B 119ms
16ms XHR
text/plain 178.250.0.93
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=7&cb=26390390768
Requested by: Host: go.ezoic.net
URL: http://go.ezoic.net/porpoiseant/dall2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Date: Mon, 05 Nov 2018 13:58:55 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 110 B
737 B 186ms
90ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2260d36edfcf7665%22%3A%22507eb80cf92592557f50%7C970x90%2C728x90%22%2C%2274a0c387215661%22%3A%22507eb80cf92592557f50%7C728x90%22%2C%2287f621884e80b8%22%3A%22507eb80cf92592557f50%7C250x250%22%2C%2298b801f54ea3d9%22%3A%22507eb80cf92592557f50%7C728x90%22%7D&ref=184379-605899-raikfcquaxqncofqfm.stackpathdns.com&s=8a0d8d76-cba6-4872-ba66-b2c28785f638&pv=934002d3-5122-4745-a3a6-f70c3f49397a&vp=desktop&lib_name=prebid&lib_v=1.12.0-pre&

Requested by

Host: go.ezoic.net
URL: http://go.ezoic.net/porpoiseant/dall2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

b79877d6740e93b09467eb1e1bd7425b342dab96967f585ea71ceb874b5c798a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 117
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
748 B 89ms
20ms XHR
application/json 185.33.223.216
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezoic.net
URL: http://go.ezoic.net/porpoiseant/dall2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.216 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:58 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: 925d8a82-ce68-4584-b659-384ebb2c175d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2d5ae97c1b1dda217392678a45fbde9f9fa923b2071803e003cf861c61aaef3

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b8608197d2e1977faa360a6e5645353c35c33a0ca0cbfa864035e8925d7ec5d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
H/1.1 200
OK 0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v12/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lora/v12/0QIvMX1D_JOuMwr7I_FMl_E.woff2

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3f275b5815ecd7259e3edc7f777fd0f51bd64f644ac361cc0cc74adc7f5807e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lora%3A300%2C400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C500%2C600%2C700%2C900%7CPT+Sans+Narrow%3A300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.9.8
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Sun, 04 Nov 2018 12:29:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Nov 2017 15:24:37 GMT
Server: sffe
Age: 91770
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15292
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Nov 2019 12:29:26 GMT

GET
H/1.1 200
OK 0QIgMX1D_JOuO7HeNtxumtus-7w.woff2
fonts.gstatic.com/s/lora/v12/ 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lora/v12/0QIgMX1D_JOuO7HeNtxumtus-7w.woff2

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c44be7bf1b0b598851d837b7c40b3f0675fe7ec8db084c11a9789ecab57bd30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lora%3A300%2C400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C500%2C600%2C700%2C900%7CPT+Sans+Narrow%3A300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.9.8
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Sun, 04 Nov 2018 23:13:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Nov 2017 15:25:13 GMT
Server: sffe
Age: 53149
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15316
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Nov 2019 23:13:07 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 37ms
7ms Font
application/font-woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:23 GMT
Connection: Keep-Alive
ETag: "1518903983"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 71903

GET
H/1.1 200
OK BngRUXNadjH0qYEzV7ab-oWlsbCGwR2oefDo.woff2
fonts.gstatic.com/s/ptsansnarrow/v9/ 11 KB
11 KB 16ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsansnarrow/v9/BngRUXNadjH0qYEzV7ab-oWlsbCGwR2oefDo.woff2

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bcd65f2fe5a8dfae8d4ae06db7f5754e756b05318a197ee63246d3e870c45664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lora%3A300%2C400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C500%2C600%2C700%2C900%7CPT+Sans+Narrow%3A300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.9.8
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Sun, 04 Nov 2018 12:33:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Oct 2018 20:49:11 GMT
Server: sffe
Age: 91509
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11284
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Nov 2019 12:33:47 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lora%3A300%2C400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C500%2C600%2C700%2C900%7CPT+Sans+Narrow%3A300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.9.8
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Wed, 31 Oct 2018 14:20:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 18:23:20 GMT
Server: sffe
Age: 430709
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13944
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Oct 2019 14:20:27 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 13 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lora%3A300%2C400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C500%2C600%2C700%2C900%7CPT+Sans+Narrow%3A300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.9.8
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Sun, 04 Nov 2018 12:58:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 18:23:58 GMT
Server: sffe
Age: 90010
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13604
X-XSS-Protection: 1; mode=block
Expires: Mon, 04 Nov 2019 12:58:46 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 42 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-5082864-27

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 5377
date: Mon, 05 Nov 2018 12:29:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17301
expires: Mon, 05 Nov 2018 14:29:19 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
172 B 20ms
19ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
172 B 19ms
19ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_270.js Show response
securepubads.g.doubleclick.net/gpt/ 184 KB
63 KB 40ms
39ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

516b065177d1546683627fa32c8574fd59edc3eb3bf92cef5882d53e58d7a1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Oct 2018 15:56:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64036
x-xss-protection: 1; mode=block
expires: Mon, 05 Nov 2018 13:58:56 GMT

GET
S 200 greenoaks.gif
www.rougeframboise.com/detroitchicago/ 43 B
184 B 9ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2YmU1NjQxOS1iMjgzLTRmMjUtNzQxNS1kZjQxZDc1OTU1NzIiLCJkb21haW5faWQiOiI4MzYxOSIsInRfZXBvY2giOjE1NDE0MjYzMzQsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6ImMzMWNlZjU1NDBlZDI1ZjU4MGM2ODQzNzRlN2MwYmViIn1dfV0=
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:56 UTC

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1392078546&t=pageview&_s=1&dl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&ul=en-us&de=UTF-8&dt=Rouge%20Framboise%20-%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_gid=494089575.1541426336&gjid=878114917&_v=j71&z=549109505
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_v=j71&z=549109505
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_v=j71&z=549109505&slf_rd=1&random=3431237547

42 B
110 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_v=j71&z=549109505&slf_rd=1&random=3431237547

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Nov 2018 13:58:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Nov 2018 13:58:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5082864-27&cid=1379945631.1541426336&jid=1026544038&_v=j71&z=549109505&slf_rd=1&random=3431237547
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dmedianet.js Show response
contextual.media.net/ 159 KB
57 KB 1449ms
1175ms Script
text/javascript 23.8.170.84
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://contextual.media.net/dmedianet.js?cid=8CUKY1173
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 23.8.170.84 Cambridge, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: a23-8-170-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1038c93dd2c359445cc521c4c9c8a3caff85344aac518020ca1c0a8036cf24f1

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
X-MNET-H: 8-5
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Transfer-Encoding: chunked
X-MN-W: 8-20
Connection: keep-alive, Transfer-Encoding
Expires: Mon, 05 Nov 2018 13:58:57 GMT

GET
S 200 lazyload-10.12.min.js Show response
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/plugins/wp-rocket/inc/front/js/ 4 KB
2 KB 689ms
689ms Script
application/javascript 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: fef59d7a136506fbe8e3c50c622f0fb28d777ca210773b575e638d0617a001ae

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
display: staticcontent_sol
x-cache: MISS
status: 200
x-middleton-display: staticcontent_sol
x-middleton-response: 200
content-length: 1684
response: 200
last-modified: Sat, 03 Nov 2018 00:24:08 GMT
server: nginx
etag: W/"5bd88ace-f86-gzip"
vary: Accept-Encoding,Origin,X-APP-JSON
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js>; rel="canonical"
expires: Wed, 05 Dec 2018 13:58:57 GMT

GET
S 200 edmonton.webp Show response
www.rougeframboise.com/detroitchicago/ 13 KB
4 KB 10ms
10ms Script
application/javascript 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rougeframboise.com/detroitchicago/edmonton.webp?a=a&cb=181-0&shcb=31
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: c10e8c8c1133fa3f45547c987c643f861f75d8fb9efa4efafcd68e8565b78ee9

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
server: nginx/1.14.0
cache-control: max-age=86400
vary: Accept-Encoding
content-type: application/javascript

GET
S 200 jellyfish.webp Show response
www.rougeframboise.com/porpoiseant/ 58 KB
12 KB 78ms
78ms Script
application/javascript 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rougeframboise.com/porpoiseant/jellyfish.webp?a=a&cb=181-0&shcb=31
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: 6188aab5bce3f692562099f513d9b84f3e06874d5cc73ec352d73b11aeb599dc

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
server: nginx/1.14.0
cache-control: max-age=86400
vary: Accept-Encoding
content-type: application/javascript

GET
S 200 scroll_totop.png
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/themes/thevoux-wp/assets/img/ 428 B
731 B 9ms
8ms Image
image/png 151.139.243.1
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/themes/thevoux-wp/assets/img/scroll_totop.png
Requested by: Host: www.rougeframboise.com
URL: https://www.rougeframboise.com/ezoic/anchorfix.js?v1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.1 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: eff5c71509012478f898d23b9dd40880deaa177994c274541a31002d6b57bc0e

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/777b6cec76f30475c230255614a7f6af.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
last-modified: Mon, 07 Nov 2016 20:27:07 GMT
server: nginx
etag: "5820e39b-1ac"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <https://www.rougeframboise.com/wp-content/themes/thevoux-wp/assets/img/scroll_totop.png>; rel="canonical"
content-length: 428
expires: Sun, 25 Nov 2018 17:37:06 GMT

GET
H/1.1 200
OK loader.js Show response
config.seedtag.com/ 22 KB
9 KB 184ms
14ms Script
application/javascript 104.18.134.145
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/loader.js?v=0.3517302727252012
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 104.18.134.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab67c2c1aa802ff10252498e770a74dbb20bb666de3a71b581e6db196b139c06

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Connection: keep-alive
Content-Length: 8336
Last-Modified: Mon, 05 Nov 2018 11:40:14 GMT
Server: cloudflare
ETag: "e72ec43e88d8dabd1c00eb1d01840de0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=691200
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-RAY: 474fd68cc28797f8-FRA
Expires: Tue, 13 Nov 2018 13:58:56 GMT

GET
S 200 ca-pub-6396844742497208.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
277 B 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-6396844742497208.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 10:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 04 Nov 2018 21:27:07 GMT
server: sffe
age: 12260
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Mon, 05 Nov 2018 22:34:36 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ 201 KB
75 KB 125ms
123ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

466d2b29f247dbc0e604947617a57648f41f9def02b7aad22dcc51e610a3a445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 76292
x-xss-protection: 1; mode=block
server: cafe
etag: 8003792231229236402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Nov 2018 13:58:56 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ Frame E87F 201 KB
75 KB 151ms
24ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

466d2b29f247dbc0e604947617a57648f41f9def02b7aad22dcc51e610a3a445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 76292
x-xss-protection: 1; mode=block
server: cafe
etag: 8003792231229236402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Nov 2018 13:58:56 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 44ms
16ms Script
application/x-javascript 88.221.144.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 88.221.144.8 , Italy, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a88-221-144-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Tue, 06 Nov 2018 13:58:56 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 70ms
11ms Script
application/x-javascript 18.194.201.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 18.194.201.158 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-194-201-158.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05-Nov-2018 13:58:56 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Mon, 12 Nov 2018 13:58:56 GMT

GET
H/1.1 200
OK nativeEmbed.gz.js Show response
cdn.elasticad.net/native/serve/js/ 159 KB
30 KB 105ms
13ms Script
application/x-javascript 54.230.129.86
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elasticad.net/native/serve/js/nativeEmbed.gz.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/kompagnion/rougeframboise/rougeframboisekompagnion.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-86.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3580c425234432307ba689cf9b2a30bd41250ebe625835737097ba4e8e4887ab

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 18:47:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Nov 2018 18:40:25 GMT
Server: AmazonS3
Age: 69096
ETag: "2b2e13fe0ecd432ad1a0ea0d9309145c"
X-Cache: Hit from cloudfront
x-amz-version-id: UNG6NCaKoCxwo1_FEfJMnssobkNHGerP
Via: 1.1 c722429a8af7d9f02db581c7256a2bef.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 30532
X-Amz-Cf-Id: hBrCABp3WpXZIeoIvveF22heOsk6NZpKOIUd20nPE1Uh1DQMIMaTOA==

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 5FDE 0
0 64ms
32ms Document
text/html 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?id=HIM3
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

Server: nginx/1.12.2
Date: Mon, 05 Nov 2018 13:58:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13162

GET
H/1.1 200
OK moneytag.js Show response
middycdn-a.akamaihd.net/bootstrap/ 454 B
1 KB 141ms
7ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://middycdn-a.akamaihd.net/bootstrap/moneytag.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/kompagnion/rougeframboise/rougeframboisekompagnion.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0bd0fe27fb7e18f67257fda18bc131ef515d0f55e5b080b51769331e8ab4a335

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: O_ulDuBpDu0zDQw2YaeNB.SM6kqFyFWq
ETag: "a5f2ecbcc1bbff1df0b7a22d1bb162b5"
x-amz-request-id: 5C8F2CDA565B3942
Connection: keep-alive
Content-Length: 454
x-amz-id-2: AYkwDogHld3LI91FFzODzUkm0FI6bhdVoYvFfXWJr03URkzqWGlYKWPR6iF8tWLruogtR9oFrEs=
Last-Modified: Wed, 11 Apr 2018 08:45:13 GMT
Server: AmazonS3
Date: Mon, 05 Nov 2018 13:58:56 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 05 Dec 2018 13:58:56 GMT

GET
S 200 imp.gif
www.rougeframboise.com/detroitchicago/ 43 B
110 B 14ms
13ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_location_ids%22%3A%225%2C21%2C2%2C82%2C22%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A83619%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%221100%2C1110%2C1112%2C1113%2C1114%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%226be56419-b283-4f25-7415-df41d7595572%22%2C%22position_selection_id%22%3A16%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A467%2C%22serverid%22%3A%2252.207.48.17%3A5054%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1110%2C1112%2C1113%2C1114%22%2C%22t_epoch%22%3A1541426334%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.rougeframboise.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A423%7D
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 43

GET
S 200 greenoaks.gif
www.rougeframboise.com/detroitchicago/ 43 B
94 B 11ms
10ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2YmU1NjQxOS1iMjgzLTRmMjUtNzQxNS1kZjQxZDc1OTU1NzIiLCJkb21haW5faWQiOiI4MzYxOSIsInRfZXBvY2giOjE1NDE0MjYzMzQsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2YmU1NjQxOS1iMjgzLTRmMjUtNzQxNS1kZjQxZDc1OTU1NzIiLCJkb21haW5faWQiOiI4MzYxOSIsInRfZXBvY2giOjE1NDE0MjYzMzQsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDE4LTExLTA1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTMifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNmJlNTY0MTktYjI4My00ZjI1LTc0MTUtZGY0MWQ3NTk1NTcyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ0X2Vwb2NoIjoxNTQxNDI2MzM0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2YmU1NjQxOS1iMjgzLTRmMjUtNzQxNS1kZjQxZDc1OTU1NzIiLCJkb21haW5faWQiOiI4MzYxOSIsInRfZXBvY2giOjE1NDE0MjYzMzQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:56 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:57 UTC

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 84 KB
29 KB 124ms
28ms XHR
application/javascript 151.101.121.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.3517302727252012
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 53da49b29ac83e2f3aeeb377a7c3fec923175b5de40e19378cd18da80e34208b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

Date: Mon, 05 Nov 2018 13:58:57 GMT
Content-Encoding: gzip
Age: 71426
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29395
X-Served-By: cache-jfk8139-JFK, cache-cdg20724-CDG
Access-Control-Allow-Origin: *
Last-Modified: Tue, 09 Oct 2018 18:02:31 GMT
Server: nginx/1.13.10
X-Timer: S1541426337.276819,VS0,VE0
Fastly-Debug-Digest: b26d66ba869a0f8398713a42ad1d25566d792eec90f58d95ed2ad78cf8eb037b
ETag: W/"5bbced37-14f3d"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 10 Oct 2018 18:07:39 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 406270

GET
S 200 st_3.2d2a8b29d3ea3281d214.js Show response
config.seedtag.com/ 479 KB
132 KB 113ms
17ms Script
application/javascript 104.18.135.145
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/st_3.2d2a8b29d3ea3281d214.js
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.3517302727252012
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.135.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3138a580cf1eec18a5a86a4742f18db03f53755c497c921e57fa55fc5b977f7

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 134112
last-modified: Mon, 05 Nov 2018 11:40:13 GMT
server: cloudflare
etag: "44f4e30b4ce5ed5febf7c802faa2675a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 474fd68fed7863a3-FRA
expires: Tue, 13 Nov 2018 13:58:57 GMT

GET b
b.scorecardresearch.com/ 0
0

GET
H/1.1 200
OK rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
484 B 106ms
20ms Script
application/x-javascript 2600:9000:2048:1200:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: edge.quantserve.com
URL: http://edge.quantserve.com/quant.js
Protocol: HTTP/1.1
Server: 2600:9000:2048:1200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 27 Jul 2018 20:48:06 GMT
Via: 1.1 e00584961bd0e81cd2b5bf84f9ffe964.cloudfront.net (CloudFront)
Last-Modified: Sat, 04 Mar 2017 19:50:24 GMT
Server: AmazonS3
Age: 69517
ETag: "8a80554c91d9fca8acb82f023de02f11"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3
X-Amz-Cf-Id: B1VWQLzalZCZJoLqVMURxkZVV-1C06FFiBRL-PbYTz2vX4-SM9jrDQ==

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 510 B
574 B 83ms
83ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=4374189389391500&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21061645%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D4200%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D25%2C26%2C27%2C28%2C29%2C30&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337307&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=487&adk=1481145426&uci=1&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=75&icsg=2252352801738528&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

27bf85f7c0e341539559eada12383b08b9c9802d781f7c70b3eebf361faab69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 355
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_270.js Show response
securepubads.g.doubleclick.net/gpt/ 54 KB
20 KB 39ms
39ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_270.js?21062715

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f7739b424d4acd048d584bf1bfa99a1ea5481989d1abb8948e9bf571729f2c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Oct 2018 15:56:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 20717
x-xss-protection: 1; mode=block
expires: Mon, 05 Nov 2018 13:58:57 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-30/html/ 0
0 13ms
6ms Other
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-30/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715
Protocol: HTTP/1.1
Server: 2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires: Tue, 29 Oct 2019 18:05:38 GMT
Cache-Control: public, immutable, max-age=31536000
Last-Modified: Fri, 12 Oct 2018 04:28:13 GMT
Content-Type: text/html

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 518 B
525 B 95ms
95ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=4374189389391500&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21061645%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D3000%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D24%2C25%2C26%2C27%2C28%2C29%2C30&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337362&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=1708&adk=3848954464&uci=2&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=76&icsg=2252352801738528&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f50995c344f06888ccb0b52f1744e0619d18c372e33a1ac2de9b65ccaf8a2873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 360
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 518 B
527 B 142ms
142ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=4374189389391500&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21061645%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-4&sz=728x90&scp=iid7%3D601032%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D9%26al%3D1022%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-4-601032%26bv%3D13%26br1%3D900%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337389&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2797&adk=1628039811&uci=3&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=76&icsg=2252352801738528&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=728x-1&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2a8d8619d541e79d007f77045f32d473a0c6932eff8f01204d3075dc0fcf2643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 362
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 540 B
648 B 189ms
189ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=4374189389391500&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21061645%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-2&sz=970x90&scp=iid7%3D660444%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1005%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-2-660444%26bv%3D12%26br1%3D2000%26br2%3D0%26ezoic%3D1%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337405&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=308&ady=1108&adk=321035083&uci=4&gut=v2&color_bg=EEFF00&color_border=EEFF00&channel=1829865571&color_link=000000&color_text=000000&color_url=000000&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=76&icsg=2252352801738528&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

df801a6e8b43f44898330d0c7cbfc59ece4c8c67d6f6a3a730c9a512eb3b13e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 371
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bootstrap.js Show response
middycdn-a.akamaihd.net/bootstrap/ 11 KB
5 KB 7ms
7ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/moneytag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b93794c72f8d82448d877c23444ae54a3398404d6b7026505df4e2868a27cb15

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 376XVnAKqt57oYEE76NRp5e1P8viMoX4
Content-Encoding: gzip
ETag: "ee7450d74f3f2ea205f16e64341c9f3b"
x-amz-request-id: 5EBA3B079387030C
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4270
x-amz-id-2: uud8FR6Zoniz/Xm8EcVIRpjp+2l3QUDp+FmZqYqC/AZTALyhO1XnA9SFCNQ/1CYU8OyySJPh/78=
Last-Modified: Mon, 15 Oct 2018 11:55:17 GMT
Server: AmazonS3
Date: Mon, 05 Nov 2018 13:58:57 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Mon, 05 Nov 2018 14:58:57 GMT

GET
H/1.1 200
OK pixel;r=2118330371;labels=Domain.rougeframboise_com%2CDomainId.83619;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F;fpan=1;fpa=P0-1668749821-1541426337...
pixel.quantserve.com/ 35 B
479 B 40ms
10ms Image
image/gif 18.185.153.197
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.quantserve.com/pixel;r=2118330371;labels=Domain.rougeframboise_com%2CDomainId.83619;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F;fpan=1;fpa=P0-1668749821-1541426337587;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1541426337587;tzo=0;ogl=type.article%2Ctitle.Rouge%20Framboise%20-%20astuces%20beaut%C3%A9%252C%20sant%C3%A9%252C%20cuisine%20et%20bien-%C3%AAtre%2Curl.https%3A%2F%2Fwww%252Erougeframboise%252Ecom%2F%2Csite_name.Rouge%20Framboise%2Cupdated_time.2016-11-11T13%3A34%3A17%2B00%3A00
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 18.185.153.197 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-153-197.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:57 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
S 204 supply Show response
events.browsiprod.com/events/ 0
126 B 578ms
178ms XHR
text/plain 35.162.124.189
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=witMmBSbMi
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.162.124.189 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-162-124-189.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Mon, 05 Nov 2018 13:58:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

GET
S 200 supply Show response
yield-manager.browsiprod.com/ 65 B
210 B 574ms
180ms Script
application/javascript 35.162.124.189
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply?body=%7B%22siteKey%22%3A%22stackpathdns%22%2C%22callback%22%3A%22DbazVKqLIjYPdYEuWVeu%22%2C%22referrerUrl%22%3A%22%22%2C%22url%22%3A%22http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F%22%2C%22bootstrapId%22%3A%22witMmBSbMi%22%2C%22pageWidth%22%3A1585%2C%22sessionId%22%3A%22%22%2C%22userId%22%3A%22%22%2C%22isGzip%22%3Atrue%7D&cb=1541426337616
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.162.124.189 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-162-124-189.us-west-2.compute.amazonaws.com
Software: akka-http/10.1.5 /
Resource Hash: 0194b46a483c10715677cb8832833030dcf7597644277ebe473030e3f749152b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 05 Nov 2018 13:58:58 GMT
content-encoding: gzip
server: akka-http/10.1.5
content-type: application/javascript; charset=UTF-8

GET
H/1.1 403
Forbidden pconfig
de5zarwna0j2q.cloudfront.net/native/placements/stackpathdns.com/ 0
0 129ms
105ms Script
application/xml 54.230.129.232
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://de5zarwna0j2q.cloudfront.net/native/placements/stackpathdns.com/pconfig?r=9f53151e8df3
Requested by: Host: cdn.elasticad.net
URL: https://cdn.elasticad.net/native/serve/js/nativeEmbed.gz.js
Protocol: HTTP/1.1
Server: 54.230.129.232 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-232.ams50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: application/xml

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/ Frame 69C8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181031/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUnGoEJGVrXip7XL6sJjueaKNSHeW9j5q67Wd5w9C9e-rhhxJ7iLzLK9TDcz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 31 Oct 2018 20:37:55 GMT
expires: Wed, 14 Nov 2018 20:37:55 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 408062
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DFD4 0
0 96ms
95ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&h=31&slotname=dmo&adk=2981023279&adf=484426895&w=88&lmt=1541395600&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&flash=0&wgl=1&adsid=NT&dt=1541426336604&bpp=178&bdt=836&fdt=1165&idt=1157&shv=r20181031&cbv=r20180604&saldr=sa&abxe=1&correlator=3332829865315&frm=20&pv=2&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_fc=0&ga_wpids=UA-107998044-27&iag=0&icsg=35391235177600&dssz=80&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.u0qgaslvfeyp&fsb=1&xpc=sXElafrFD7&p=http%3A//184379-605899-raikfcquaxqncofqfm.stackpathdns.com&dtd=1229

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6396844742497208&output=html&h=31&slotname=dmo&adk=2981023279&adf=484426895&w=88&lmt=1541395600&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&flash=0&wgl=1&adsid=NT&dt=1541426336604&bpp=178&bdt=836&fdt=1165&idt=1157&shv=r20181031&cbv=r20180604&saldr=sa&abxe=1&correlator=3332829865315&frm=20&pv=2&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_fc=0&ga_wpids=UA-107998044-27&iag=0&icsg=35391235177600&dssz=80&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.u0qgaslvfeyp&fsb=1&xpc=sXElafrFD7&p=http%3A//184379-605899-raikfcquaxqncofqfm.stackpathdns.com&dtd=1229
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUnGoEJGVrXip7XL6sJjueaKNSHeW9j5q67Wd5w9C9e-rhhxJ7iLzLK9TDcz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 05 Nov 2018 13:58:57 GMT
server: cafe
cache-control: private
content-length: 82
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ 75 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

54af46f306964af72da59c1d80240015e8f1bec1d723a259bb0e8944f30786b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 14:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28222
x-xss-protection: 1; mode=block
server: cafe
etag: 2884000118126310004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Nov 2018 14:23:29 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 368 B
333 B 91ms
90ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=3878757478182003&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=1&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D2100%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B22%252C23%252C24%255D%26lb%3D4200&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337874&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=487&adk=1481145426&uci=5&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=80&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a249feb995e16d0b75057a0eb0cdbf5991464113846f559924016b2a2a66f682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 253
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
94 B 8ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:57 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 376 B
343 B 107ms
107ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2746510310789312&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=1&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D1500%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D3000&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337893&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=1708&adk=3848954464&uci=6&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=79&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56d1b8c29a1809ff2c130aee87363cfc448928d06c61789a553fdd160b157599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 263
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 8ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:57 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 376 B
341 B 99ms
99ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=368634934192502&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-4&sz=728x90&rc=1&scp=iid7%3D601032%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D9%26al%3D1022%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-4-601032%26bv%3D13%26br1%3D450%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255Bundefined%255D%26lb%3D900&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426337911&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2797&adk=1628039811&uci=7&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=78&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5c4fa235e59c45d44eae74fbb4f751e4588ce789f0f3fab69077f2bea47d8d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 262
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
94 B 11ms
11ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjAxMDMyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:57 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:58 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 376 B
338 B 95ms
95ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2205881791760204&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-2&sz=970x90&rc=1&scp=iid7%3D660444%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1005%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-2-660444%26bv%3D12%26br1%3D1000%26br2%3D0%26ezoic%3D1%26deal1%3D21%26lb%3D2000&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426338040&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=308&ady=1108&adk=321035083&uci=8&gut=v2&color_bg=EEFF00&color_border=EEFF00&channel=1829865571&color_link=000000&color_text=000000&color_url=000000&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=77&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

89cedabf98f934fb03aee0bc6c42d476f48631f64ffe8e314913b7ab4bbfc44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 262
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
94 B 7ms
7ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwNDQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:58 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 10ms
10ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:58 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 9ms
9ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:58 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 14ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjAxMDMyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:58 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
94 B 9ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwNDQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:58:59 UTC

POST
H/1.1 200
OK bping.php
navvy.media.net/ 807 B
1 KB 372ms
171ms Other
image/gif 50.18.89.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://navvy.media.net/bping.php
Requested by: Host: contextual.media.net
URL: http://contextual.media.net/dmedianet.js?cid=8CUKY1173
Protocol: HTTP/1.1
Server: 50.18.89.175 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-50-18-89-175.us-west-1.compute.amazonaws.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:58 GMT
Server: Jetty(9.4.7.v20170914)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache,no-store
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Content-Length: 807
Expires: Mon, 05 Nov 2018 13:58:58 GMT

GET
H/1.1 200
OK fcmdynet.js Show response
contextual.media.net/ Frame ECBC 3 KB
2 KB 1042ms
1041ms Script
text/javascript 23.8.170.84
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CUKY1173&cpcd=ZvIpgPcoFI3nvke2_t9z7g%3D%3D&crid=527397821&size=728x15&cc=DE&vif=1&requrl=http%3A%2F%2Fstackpathdns.com%2F&nse=3&vi=1541426337435534323&lw=1&ugd=4&re=1&nb=1
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 23.8.170.84 Cambridge, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: a23-8-170-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7a2dbb0ad7d76412ef2951d255ac1e259003aa89f867a8b77a3c021d07867d82

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=288
Connection: keep-alive
Content-Length: 1437
X-MNET-HL2: 8-20
Expires: Mon, 05 Nov 2018 14:03:47 GMT

GET
H/1.1 200
OK px.gif
contextual.media.net/ 43 B
323 B 157ms
156ms Image
image/gif 23.8.170.84
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://contextual.media.net/px.gif?ch=1&rn=1
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 23.8.170.84 Cambridge, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: a23-8-170-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:58 GMT
Last-Modified: Wed, 19 Jul 2017 10:11:12 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=603448
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 12 Nov 2018 13:36:26 GMT

GET
H/1.1 200
OK px.gif
h.mnet-ad.net/ 43 B
322 B 41ms
6ms Image
image/gif 2.16.186.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.mnet-ad.net/px.gif?ch=2&rn=1
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 2.16.186.57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-57.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:58 GMT
Last-Modified: Wed, 19 Jul 2017 10:11:12 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=52537
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 06 Nov 2018 04:34:35 GMT

GET
H/1.1 200
OK log
lg3.media.net/ 35 B
319 B 345ms
160ms Image
image/gif 23.8.170.84
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lg3.media.net/log?logid=kfk&evtid=dpub&cid=8CUKY1173&crid=527397821&requrl=http%3A%2F%2Fstackpathdns.com%2F&cpurl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&ref=&nref=&reason=1&vi=1541426337435534323&hvsid=00001541426338305024994890249999&vsid=undefined&rand=1541426338306
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 23.8.170.84 Cambridge, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: a23-8-170-84.deploy.static.akamaitechnologies.com
Software: Apache Tomcat /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:58 GMT
Server: Apache Tomcat
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 05 Nov 2018 13:58:58 GMT

GET
S 200 config Show response
s.seedtag.com/t/ 13 KB
6 KB 98ms
50ms XHR
application/json 130.211.24.68
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.seedtag.com/t/config?token=3571-5353-01&device=desktop&cmp=false&ga=null&cd=&ct=1&fullUrl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&hash=undefined&cache=1541426338456

Requested by

Host: config.seedtag.com
URL: https://config.seedtag.com/st_3.2d2a8b29d3ea3281d214.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.211.24.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

68.24.211.130.bc.googleusercontent.com

Software

nginx /

Resource Hash

2e3711876e494fc59c7a8f40ba15dc2283efc3f038a72df47ea2e0a13f65d70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
x-cnt: REU=
server: nginx
x-frame-options: DENY
etag: W/"33ef-vhrZHV7d2Ep5PnHQ/dLNZ0b3qus"
x-download-options: noopen
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
access-control-allow-credentials: true
x-css: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers: X-CSS,X-CNT,X-CHC

GET
H/1.1 200
OK Cookie set checksync.php
contextual.media.net/ Frame 2F5C 0
0 190ms
189ms Document
text/html 23.8.170.84
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://contextual.media.net/checksync.php?&gdpr=1&cs=2&cv=31&cid=8CUKY1173
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 23.8.170.84 Cambridge, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: a23-8-170-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: contextual.media.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Accept-Encoding: gzip, deflate
Cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

Server: Apache
Content-Type: text/html; charset=UTF-8
Set-Cookie: gdpr_status=1; Expires=Thu, 09 May 2019 13:58:58 GMT; domain=.media.net; Path=/;
X-MNET-HL2: E
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Mon, 12 Nov 2018 13:58:58 GMT
Date: Mon, 05 Nov 2018 13:58:58 GMT
Content-Length: 2301
Connection: keep-alive

GET
S 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1e96ceaf42ad1841de8e2c83077f7e28827e655a612980b3073678ca172896d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: he+upWA+LDj/JE94hnwbBg==
status: 200
content-length: 2114
x-xss-protection: 0
x-fb-debug: sq3dM4X9K6rmYHwSFZfYm8kTBBHBNGXvropk8Fz3MzizaSzZNZB8bBiK2AaAkzt0D3O4edZsXmLIKyykrDN9Jg==
x-fb-content-md5: 36ccf17e3da99c32277a1fac263a09af
x-frame-options: DENY
date: Mon, 05 Nov 2018 13:58:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "14f07d72d90e897b089b3f20bb0224c5"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Mon, 05 Nov 2018 14:00:27 GMT

GET
S 200 loader.js Show response
cdn.taboola.com/libtrc/rankmeupfr-sc/ 370 KB
29 KB 83ms
7ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/rankmeupfr-sc/loader.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35255a2fec94954ac4e3ccfaa25e511dbb734daa14a8cf7f97daacbb60847351

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: s.3XJ6IyPZ5KHNtnUmrhguQrmhAX1AAF
content-encoding: gzip
etag: "e54cd14e5189e2081319281ea52f8fc6"
age: 81
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 29412
x-amz-id-2: og33wP980Efd+zHesBqn35DbaAEbTg0TeC/Oen84k1tmMm2P6ii+RaRc7l+flUctnpNhLo4cwqQ=
x-served-by: cache-fra19130-FRA
last-modified: Thu, 01 Nov 2018 10:43:42 GMT
server: AmazonS3
x-timer: S1541426339.914833,VS0,VE1
date: Mon, 05 Nov 2018 13:58:58 GMT
vary: Accept-Encoding
x-amz-request-id: 0619293308F7615C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1

GET
S 200 sdk.js Show response
connect.facebook.net/fr_FR/ 194 KB
59 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

67ed99ae98400f21038e309049c91b5f8f33eeffcac26c8ae9676b6adac1bee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ls+edIJ85t7UaxRfGrckgA==
status: 200
content-length: 60541
x-xss-protection: 0
x-fb-debug: gnv6LdYIZF4rcnOT7Rz6Ju0vbSzXphfPtfHd4pH9PciHh/YGOMBwdkHXHVa5JW+trdwEF2p67gw1Szhg9Qdc8g==
x-fb-content-md5: c7675b4ba2bf0c4c5bc309af13d501eb
x-frame-options: DENY
date: Mon, 05 Nov 2018 13:58:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "903613acef49e41e95c4c49a0c0cdf29"
timing-allow-origin: *
expires: Mon, 05 Nov 2018 14:09:30 GMT

GET
S 200 web Show response
onesignal.com/api/v1/sync/5062756e-4335-49d3-953f-3aefbac08e17/ 3 KB
2 KB 149ms
148ms Script
text/javascript 2606:4700::6810:cea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/5062756e-4335-49d3-953f-3aefbac08e17/web?callback=__jp0

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.2

Resource Hash

1e96400ab047713c9d8ca2120a6f46c251152a229981352fd9035741283fd41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-powered-by: Phusion Passenger 5.3.2
status: 200, 200 OK
x-xss-protection: 1; mode=block
x-request-id: 328db735-a6b3-4231-8b00-7fe9254f4de1
x-runtime: 0.051653
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 474fd69acf8c27a4-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 05 Nov 2018 14:03:59 GMT

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 73 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: LlHGT5bobMJBLyofHSLjmHAAv7ufYq8k5AIxWU4YqgU4odWogFklyTTUrfvAS2wJUM45+RKUNBWwZDA6Wxzmqg==
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Nov 2018 13:58:59 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 23406
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cs.html
cs.seedtag.com/ Frame F27D 0
0 79ms
44ms Document
text/html 104.18.134.145
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cs.seedtag.com/cs.html?cmp=false&ga=true&cd=
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/st_3.2d2a8b29d3ea3281d214.js
Protocol: HTTP/1.1
Server: 104.18.134.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: cs.seedtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d55fa0e02f5364ef9c4f49d09aa07d0bb1541426336; st_uid=ced7e67a-cc1c-4658-b43d-f6789a063880
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

Date: Mon, 05 Nov 2018 13:58:59 GMT
Content-Type: text/html
Content-Length: 1156
Connection: keep-alive
X-GUploader-UploadID: AEnB2Upm7ky6NLJF4bsnFznib-S51ybemyVUmcIm7CuZvNhvWAnpoGQPi1QYBRuFOnpaumf2honOsfsYAkPreu1BIp1315PeTg
Cache-Control: public,max-age=0
Expires: Mon, 05 Nov 2018 13:58:59 GMT
Last-Modified: Wed, 17 Oct 2018 12:41:39 GMT
ETag: "4d7a226ba9a6ff8ff4cf85dc762855f2"
x-goog-generation: 1539780099800805
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1156
Content-Encoding: gzip
x-goog-hash: crc32c=jIzTKg== md5=TXoia6mm/4/0z4XcdihV8g==
x-goog-storage-class: REGIONAL
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 474fd69d958abea8-FRA

GET
H/1.1 200
OK CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 0F8C 0
0 153ms
16ms Document
text/html 2a02:26f0:eb:182::c09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=2699&dcid=6
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/st_3.2d2a8b29d3ea3281d214.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:eb:182::c09 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 26 Oct 2018 16:05:25 GMT
Accept-Ranges: bytes
ETag: "52abeab4456dd41:0"
Vary: Accept-Encoding
Content-Length: 319
Cache-Control: max-age=3600
Date: Mon, 05 Nov 2018 13:58:59 GMT
Connection: keep-alive

GET
S 200 pixel.gif
s.seedtag.com/t/chc/ 35 B
226 B 17ms
16ms Image
image/gif 130.211.24.68
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.seedtag.com/t/chc/pixel.gif

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.211.24.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

68.24.211.130.bc.googleusercontent.com

Software

nginx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: DENY
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
x-download-options: noopen
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/gif
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK pinit_main.js Show response
assets.pinterest.com/js/ 65 KB
24 KB 163ms
32ms Script
application/javascript 2a04:4e42:1d::84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1d::84 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 35305baa7954f236abefe03c60bd3e9f049ef99e37f5095ae51b0323865aade8

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
X-CDN: fastly
ETag: "dbcebe116a281e938ea2240c09ad2d25"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 23792
Access-Control-Expose-Headers: X-CDN

GET
H/1.1 200
OK publishertag.prebid.js Show response
static.criteo.net/js/ld/ 35 KB
12 KB 104ms
12ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezoic.net
URL: http://go.ezoic.net/porpoiseant/dall2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f8a3399e4886015e3fa0fe1be7adda872ea163f264618713c4d117737dd58a85

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:58:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"5bd8782b-8dfc"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 06 Nov 2018 13:58:59 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 368 B
335 B 95ms
95ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=4292723003805878&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=2&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D1400%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B21%252C22%252C23%252C24%255D%26lb%3D2100&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426339572&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=808&adk=1481145426&uci=9&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=84&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6a4c80d0f006a94dcd4d4691c43efbc380f6e1961a4f4ddbacf6793eccb63d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 255
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 377 B
344 B 94ms
93ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2440061827923916&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=2&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D1400%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D1500&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426339602&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2029&adk=3848954464&uci=a&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=84&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

541fe3fd9a8d08b36e53f188860f96bb65036aa20fa5302b0d61e587a4a12dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 264
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 377 B
338 B 105ms
105ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=259680975516125&output=json_html&callback=googletag.impl.pubads.callbackProxy11&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-4&sz=728x90&rc=2&scp=iid7%3D601032%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D9%26al%3D1022%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-4-601032%26bv%3D13%26br1%3D220%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D20%26lb%3D450&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426339626&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=3118&adk=1628039811&uci=b&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=84&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7fcc903f2c39e3103753a65ae0cbc1476c5496ed207fd2977b3478f6ad020c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 262
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 377 B
339 B 93ms
93ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2269427709430383&output=json_html&callback=googletag.impl.pubads.callbackProxy12&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-2&sz=970x90&rc=2&scp=iid7%3D660444%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1005%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-2-660444%26bv%3D12%26br1%3D260%26br2%3D0%26ezoic%3D1%26deal1%3D%255B20%252C21%255D%26lb%3D1000&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426339640&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=308&ady=1108&adk=321035083&uci=c&gut=v2&color_bg=EEFF00&color_border=EEFF00&channel=1829865571&color_link=000000&color_text=000000&color_url=000000&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=84&icsg=35391235177600&std=0&vis=1&scr_x=0&scr_y=0&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d1a233329358c4617a15628f57abc91fdef629946a513e2b6bbe8d0e9a84775b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 260
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5441 0
0 112ms
25ms Document
text/html 151.101.121.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: go.ezoic.net
URL: http://go.ezoic.net/porpoiseant/dall2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 05 Nov 2018 13:58:59 GMT
Age: 7877825
Connection: keep-alive
X-Served-By: cache-jfk8146-JFK, cache-cdg20722-CDG
X-Cache: HIT, HIT
X-Cache-Hits: 4857776, 2929628
X-Timer: S1541426340.750870,VS0,VE0
Vary: Accept-Encoding

GET
S 200 6cf748f6-4cd1-403e-8eb3-ba33035f45d0 Show response
api.adrock.tv/latest/tag/ 1 KB
1 KB 216ms
49ms Script
text/plain 54.230.129.100
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adrock.tv/latest/tag/6cf748f6-4cd1-403e-8eb3-ba33035f45d0
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-100.ams50.r.cloudfront.net
Software: /
Resource Hash: b14e2aff2a082ea8d03b5eb5fc109ea42f8ad953b657e8f1a9f60b1d0062f702

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
content-encoding: gzip
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token, x-adrck-tag, x-adrck-uid
x-amzn-requestid: f1d9634e-e102-11e8-a1a7-c3e0471691bc
access-control-max-age: 86400
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: text/plain
status: 200
x-amzn-trace-id: Root=1-5be04ca3-2c2271299bad1ee80d559298;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: P5DpmGPxDoEFq8w=
content-length: 853
via: 1.1 8e55f0de4d538f549650ba46e729188c.cloudfront.net (CloudFront)
x-amz-cf-id: mwCMcj05fQqlfiG9V7o_mrEfKCoBbpPSWYFMd9OxAoPflyqmQlcg5Q==

GET
S 200 /
www.facebook.com/tr/ 44 B
248 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=669424026450735&ev=PixelInitialized&dl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&rl=&if=false&ts=1541426339680
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 05 Nov 2018 13:58:59 GMT

GET
S 200 identity.js Show response
connect.facebook.net/signals/plugins/ 20 KB
8 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.8.32

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

02d92b2381e9b1d9e527a2351cf0c5aa99d9184399e493e0780a99efe010bd0f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 8002
x-xss-protection: 0
pragma: public
x-fb-debug: PrU6jmTFyCRjTjK3TrFaUR/UdFhI/mq8kdLE4y+ntjISYrHzvZtOJJ0jvkzi2FFPLlTFQN3hAbO3jxhNBHerdw==
x-frame-options: DENY
date: Mon, 05 Nov 2018 13:58:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 414490595386019 Show response
connect.facebook.net/signals/config/ 167 KB
39 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/414490595386019?v=2.8.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

91a4d01ff5e47ae4ac7a607c8641e6d70c5e6a84426b0703de3718c027383678

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: SlecfV0T0yjq02D9sphK810XLR9VjlsT54HZJYzyqRKEqZSJH3rdZMDV0yzdkxqztIfNfyZAhO6O+iaNO457KQ==
x-frame-options: DENY
date: Mon, 05 Nov 2018 13:58:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ Frame ECBC 35 B
280 B 170ms
162ms Image
image/gif 23.8.170.84
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lg3.media.net/flping.php?reason=6&action=4&cme=_jOroSsmrBzp5RAErZ_O5WUxFHrAH1RABg-QKIC8pOxyOttVScrbVaAiWeGCT9rdMeeRa2U8Td3EagXQKDo21hEobJ5uFAUr71xHg8uWYogvOqrgp7HJeIK419bHAYND1zJOsPvxPqFHnaMnjf-2MM3eWXaK9-QtBPBmpKIK0OW02gHdIkaDBVgfswHcEGpTiApGYQ4Sj9-TPK614Ti0Kds6r-ygB1QS6UM6ece1xJmHydhSW2Ux1KLQDYVOss_Xp3RsJ3NzY98PX8qYgS0ZQhTkZDhSJiVf4eNW7GAjiCStBuw1mYZCFwtLcJ8H8ViCxRJ5idj0ZoBN-cFPqcYsjoHnFwAekRb0ZqYJqBmFWr6eCU6TO820VOfpa7SAEB_MMc74buaOcQ1oRHSotDhGQAv6kskgY7yn3VRflO9Vk_Tcji8Oa03-Ehrm8uvx_jTzbVp_RdqSoL317FgC80WrBxufIDsLXjfTbg_ren1sivRsShfPDLo1uo9_ZVao1MuG2ZMXKRi_CFiFAU9qEVUlwQ%3D%3D%7C%7C&gdpr=1&r=1541426339753&
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Server: 23.8.170.84 Cambridge, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: a23-8-170-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:58:59 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 05 Nov 2018 13:58:59 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
117 B 36ms
0ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:02 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
93 B 46ms
7ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:58:59 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:00 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
93 B 22ms
19ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjAxMDMyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:00 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:00 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 22ms
19ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwNDQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:00 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:00 UTC

GET
S 200 prebid.min.js Show response
cdn.adrock.tv/tag/ 121 KB
37 KB 101ms
19ms Script
application/javascript 54.230.129.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrock.tv/tag/prebid.min.js
Requested by: Host: api.adrock.tv
URL: https://api.adrock.tv/latest/tag/6cf748f6-4cd1-403e-8eb3-ba33035f45d0
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.53 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-53.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecfcd34dc34546d340537898228e11275cb350584d958b5eb959ac19f35bb214

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 10:00:49 GMT
content-encoding: gzip
last-modified: Fri, 29 Jun 2018 12:25:28 GMT
server: AmazonS3
age: 14292
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: c.nIY7EgfehTd2FHH0LbIFvBebLE_dtf
status: 200
content-type: application/javascript
x-amz-cf-id: MXTKD90I6bkbUK47OtXWOKT3Pivunm0LsC2i7u9lMBj2QJ8uUhQRMA==
via: 1.1 2c9658294a4ce6862f85595504cb099e.cloudfront.net (CloudFront)

GET
S 200 /
www.facebook.com/tr/ 44 B
144 B 10ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=414490595386019&ev=PageView&dl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&rl=&if=false&ts=1541426340228&cd[domain]=www.rougeframboise.com&cd[user_roles]=guest&cd[plugin]=PixelYourSite&cd[traffic_source]=direct&cd[event_day]=Monday&cd[event_month]=November&cd[event_hour]=13-14&sw=1600&sh=1200&v=2.8.32&r=stable&ec=0&o=30&fbp=fb.1.1541426340227.668899120&it=1541426339714&coo=false
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 05 Nov 2018 13:59:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
98 B 10ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=414490595386019&ev=GeneralEvent&dl=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&rl=&if=false&ts=1541426340235&cd[post_type]=page&cd[post_id]=31060&cd[content_name]=Rouge%20Framboise&cd[domain]=www.rougeframboise.com&cd[user_roles]=guest&cd[plugin]=PixelYourSite&cd[traffic_source]=direct&cd[event_day]=Monday&cd[event_month]=November&cd[event_hour]=13-14&sw=1600&sh=1200&v=2.8.32&r=stable&ec=1&o=30&fbp=fb.1.1541426340227.668899120&it=1541426339714&coo=false
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 05 Nov 2018 13:59:00 GMT

GET
H2 200 __Bz3h5RzMx.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 943B 0
0 291ms
3ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
accept-encoding: gzip, deflate
cookie: fr=0QWRJqhjYLJQyAVmX..Bb4Eyj...1.0.Bb4Eyj.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

status: 200
expires: Fri, 01 Nov 2019 20:13:34 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: SlJHLdYNO2OVmlg+GPB1LBk1YJ2K2tHCdJTIZX1xeNH4VID2M4JgtZxEvZqwUv632h6CQm8UnxIhXGMlLwD0vQ==
content-length: 12740
date: Mon, 05 Nov 2018 13:59:00 GMT

GET
H/1.1 200
OK impl.330-319-RELEASE.js Show response
cdn.taboola.com/libtrc/ 458 KB
126 KB 194ms
34ms Script
application/javascript 151.101.194.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.330-319-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rankmeupfr-sc/loader.js
Protocol: HTTP/1.1
Server: 151.101.194.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d58f3dbaddb66bc8b5b0891921ad568cc9b5b6e4bfc99392754c2ef5356422d2

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: MRKclD9Se5FriCvoIu4XkStXJcB40jGL
Content-Encoding: gzip
ETag: "7062d12f357e0b13754874cbbb713aa0"
Age: 198
X-Cache: HIT
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 128474
x-amz-id-2: G9YA9WXmHK6CDH2jHdDFmQraBHSGxJwar45UQy2HN+sEgoUEcLaQe/CXO9fH6rGBztsCA1LxpKk=
X-Served-By: cache-fra19140-FRA
Last-Modified: Mon, 05 Nov 2018 13:55:40 GMT
Server: AmazonS3
X-Timer: S1541426340.434779,VS0,VE0
Date: Mon, 05 Nov 2018 13:59:00 GMT
Vary: Accept-Encoding
x-amz-request-id: C71C308C5EE4A030
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 633

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 115ms
97ms Script
application/x-javascript 88.221.144.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rankmeupfr-sc/loader.js
Protocol: HTTP/1.1
Server: 88.221.144.8 , Italy, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a88-221-144-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:59:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Tue, 06 Nov 2018 13:59:00 GMT

GET
S 200 default.js Show response
cdn.adrock.tv/tag/ 171 KB
39 KB 37ms
14ms Script
application/javascript 54.230.129.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrock.tv/tag/default.js
Requested by: Host: api.adrock.tv
URL: https://api.adrock.tv/latest/tag/6cf748f6-4cd1-403e-8eb3-ba33035f45d0
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.53 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-53.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 684241120ce4649a3769b4c57c99fcb7b5ba2d8cd72985c7587873f9583c2402

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 10:00:50 GMT
content-encoding: gzip
last-modified: Mon, 05 Nov 2018 10:00:19 GMT
server: AmazonS3
age: 14291
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
content-type: application/javascript
x-amz-cf-id: 6tSGKtb_CQp8SYq4oRK9Mo8FY4PMxr9J4oiQ0tmos0RQvetWzWHbbA==
via: 1.1 2c9658294a4ce6862f85595504cb099e.cloudfront.net (CloudFront)

GET b
b.scorecardresearch.com/ 0
0

POST
S 200 log Show response
api.adrock.tv/ 257 B
597 B 52ms
52ms Fetch
application/json 54.230.129.100
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adrock.tv/log
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-100.ams50.r.cloudfront.net
Software: /
Resource Hash: a83337b6e00d3ecaaa8ba439cdbf9238f6a4f520b96e71854ef3005b810a2306

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:00 GMT
via: 1.1 8e55f0de4d538f549650ba46e729188c.cloudfront.net (CloudFront)
x-amzn-requestid: f2729655-e102-11e8-8898-0bdb5fb44ed7
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5be04ca4-8023920a280ef88175015653
x-amz-apigw-id: P5DpwHaHDoEFnTw=
content-length: 257
x-amz-cf-id: vKio3Vye7h_kIyUFY1ycq2ACfuevzB1Cbu_QGdO8353GKv3F6lKyhw==

GET
S 200 3792ee2f-2c13-4b43-8641-e5de8a671ec5 Show response
api.pubstack.io/v1/tag/ 641 B
1 KB 164ms
67ms Script
text/plain 54.230.129.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pubstack.io/v1/tag/3792ee2f-2c13-4b43-8641-e5de8a671ec5
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.119 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-119.ams50.r.cloudfront.net
Software: /
Resource Hash: bfb3ff6ce6c733e0199df8b79b31bc3200a86313219b5a3c2e5dbff8fbdbbb44

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:00 GMT
via: 1.1 91db3e27f70759a0dea967c4b34efea9.cloudfront.net (CloudFront), 1.1 3d95c075cc2e7532826e1d3de1a75b2e.cloudfront.net (CloudFront)
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token, x-adrck-tag, x-adrck-uid
x-amzn-requestid: f28470b4-e102-11e8-aa46-f31953db4bcc
access-control-max-age: 86400
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: text/plain
status: 200
x-amzn-trace-id: Root=1-5be04ca4-ecc6a007dde8ab7e1afa65c0;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: P5DpxGwXjoEF4sg=
content-length: 641
x-amz-cf-id: px6DJWzbxdaih6kj3BrM6g7hYENji9Vo91_rP16k2qp0KeJi-0a5ww==

POST
H2 200 /
www.facebook.com/tr/ Frame 4828 0
0 9ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 9437
pragma: no-cache
cache-control: no-cache
origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
accept-encoding: gzip, deflate
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Response headers

status: 200
content-type: text/plain
content-length: 0
server: proxygen-bolt
date: Mon, 05 Nov 2018 13:59:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
318 B 110ms
104ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2889290734231225&output=json_html&callback=googletag.impl.pubads.callbackProxy13&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=3&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D750%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B21%252C22%252C23%252C24%255D%26lb%3D1400&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426340983&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=808&adk=1481145426&uci=d&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=92&icsg=2265039050390656&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4a852a0ad7eca32bb2ac682bf3925f5965673d91f38fa810747e60029ed91029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 240
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
326 B 109ms
94ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=204756560522423&output=json_html&callback=googletag.impl.pubads.callbackProxy14&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=3&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D1200%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D1400&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426341028&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2029&adk=3848954464&uci=e&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=92&icsg=2265039050390656&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3e1a11bc76588675b194d3ea3e09bdee153d44e186e2cef01a922d14409cd193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 247
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
log.pinterest.com/ 0
670 B 180ms
129ms Script
text/plain 151.101.192.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://log.pinterest.com/?guid=B40uVWZARhNU&tv=2018110101&type=pidget&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&xload=1&via=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&callback=PIN_1541426340023.f.callback[0]
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
Date: Mon, 05 Nov 2018 13:59:01 GMT
Via: 1.1 varnish
server: envoy
X-Timer: S1541426341.131901,VS0,VE108
X-Served-By: cache-fra19144-FRA
X-Cache: MISS
x-envoy-upstream-service-time: 8
Content-Length: 0
Connection: keep-alive
Accept-Ranges: bytes
x-pinterest-rid: 139535669946
X-Cache-Hits: 0

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
322 B 102ms
101ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2837812611115291&output=json_html&callback=googletag.impl.pubads.callbackProxy15&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-4&sz=728x90&rc=3&scp=iid7%3D601032%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D9%26al%3D1022%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-4-601032%26bv%3D13%26br1%3D50%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B17%252C19%252C20%255D%26lb%3D220&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426341090&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=3118&adk=1628039811&uci=f&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=93&icsg=52956946821632&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0e8320bb2e6f5a4855cfc2d4e6f153a002ff6286a27b182666d2206c3e2ec617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 247
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
325 B 103ms
103ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=315045668851960&output=json_html&callback=googletag.impl.pubads.callbackProxy16&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-2&sz=970x90&rc=3&scp=iid7%3D660444%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C253%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-2%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1005%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-2-660444%26bv%3D12%26br1%3D0%26br2%3D0%26ezoic%3D1%26deal1%3D%255B17%252C18%252C19%252C20%252C21%255D%26lb%3D260%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426341102&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=308&ady=1108&adk=321035083&uci=g&gut=v2&color_bg=EEFF00&color_border=EEFF00&channel=1829865571&color_link=000000&color_text=000000&color_url=000000&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=93&icsg=52956946821632&std=0&vis=1&scr_x=0&scr_y=0&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

84538371bea413019f276c46792d99b3c0d62811dc50680f4734bb0101c13875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 monitoring.js Show response
cdn.adrock.tv/tag/ 30 KB
9 KB 16ms
14ms Script
application/javascript 54.230.129.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrock.tv/tag/monitoring.js
Requested by: Host: api.pubstack.io
URL: https://api.pubstack.io/v1/tag/3792ee2f-2c13-4b43-8641-e5de8a671ec5
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.53 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-53.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a93697ddf124cfc25b2fba575947c3baaf4a993ddf94b9201ed960c596b5307

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 10:00:36 GMT
content-encoding: gzip
last-modified: Mon, 29 Oct 2018 14:23:37 GMT
server: AmazonS3
age: 14306
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
content-type: application/javascript
x-amz-cf-id: TAWd5A1Ld4LA4GqrRd3ASE5kYO6zxmoiadABB7lLZH-cfU0fV53pVA==
via: 1.1 2c9658294a4ce6862f85595504cb099e.cloudfront.net (CloudFront)

OPTIONS
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q Show response
api.logmatic.io/v1/input/ 1 KB
2 KB 160ms
37ms Fetch
application/vnd.sun.wadl+xml 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Requested by

Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

9f0c0c2177633c3c5b6f503ad7d4311bd981f4caf03217efb2eb0640b226ecd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Access-Control-Request-Method: POST
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 05 Nov 2018 13:59:01 UTC
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,HEAD
Content-Type: application/vnd.sun.wadl+xml
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 1188

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
116 B 14ms
14ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:01 UTC

POST
S 200 log Show response
api.adrock.tv/ 257 B
598 B 66ms
65ms Fetch
application/json 54.230.129.100
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adrock.tv/log
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-100.ams50.r.cloudfront.net
Software: /
Resource Hash: cb287e999f163c7b8c6dcfdb34d9215e7c6f0587e5a80036459c2463e093b74a

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
via: 1.1 8e55f0de4d538f549650ba46e729188c.cloudfront.net (CloudFront)
x-amzn-requestid: f2a7d680-e102-11e8-a2e3-6b3acf0a42f4
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5be04ca5-95912275d3617df9bdfd49af
x-amz-apigw-id: P5Dp0GVDjoEFQRg=
content-length: 257
x-amz-cf-id: LvLbbdS9NJQc83SVG2UM5KLXtsyChZ5rkKM2-LTKJeKsBuL9vg3u-w==

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 137ms
70ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:59:01 GMT
X-SMRT-D: 3%3b22%3b82
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
222 B 36ms
16ms XHR
text/plain 178.250.0.93
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=61&profileId=207&av=8&cb=85217850185
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Server: 178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Date: Mon, 05 Nov 2018 13:59:01 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Vary: Origin

GET
H/1.1

302
Moved Temporarily

hb Show response
ad.360yield.com/ul_cb/
Redirect Chain

https://ad.360yield.com/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%2211...
https://ad.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22...

0
-1 B

90ms
14ms

XHR

18.184.58.214
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%223c13bbbd-4081-4466-8350-13de6d1d5aab%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.58.214 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-58-214.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 05 Nov 2018 13:59:01 GMT
Server: nginx
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ad.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%223c13bbbd-4081-4466-8350-13de6d1d5aab%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 05 Nov 2018 13:59:01 GMT
Server: nginx
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ad.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%223c13bbbd-4081-4466-8350-13de6d1d5aab%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 8ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:01 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 8ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjAxMDMyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XX1d
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:01 UTC

GET
H/1.1 200
OK hb Show response
ad.360yield.com/ul_cb/ 3 KB
3 KB 78ms
72ms XHR
application/json 18.184.58.214
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2277d23671635a6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226e2a7016341b68%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%223c13bbbd-4081-4466-8350-13de6d1d5aab%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}
Requested by: Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.58.214 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-58-214.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 41eff279c73493a21585b9af2208c459826a367d9157594199b7777d3f373a65

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 05 Nov 2018 13:59:01 GMT
Content-Encoding: gzip
Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 1684

POST
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q
api.logmatic.io/v1/input/ 11 B
268 B 183ms
36ms Other
application/json 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Credentials: true
Content-Length: 11
Content-Type: application/json;charset=UTF-8

POST
S 200 auction Show response
ingestion-gateway-test.adr0ck.com/api/ingestion/ 19 B
237 B 240ms
134ms XHR
application/json 54.77.188.87
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ingestion-gateway-test.adr0ck.com/api/ingestion/auction
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/monitoring.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.188.87 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-188-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a1cf563219a3ca3f228ef729426eaa32c7e83c7c8c0a184cbe0af5878c80c065

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
status: 200
etag: W/"13-6yKjFbukBzpQCoI7WuOSr+0d1ks"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
access-control-allow-credentials: true
content-length: 19

OPTIONS
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q Show response
api.logmatic.io/v1/input/ 1 KB
2 KB 37ms
36ms Fetch
application/vnd.sun.wadl+xml 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Requested by

Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

bf4fbac5933f6e38978b543c697ef1bb3be9742b399f7bc63dec4ea1f6c4eb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Access-Control-Request-Method: POST
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 05 Nov 2018 13:59:01 UTC
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,HEAD
Content-Type: application/vnd.sun.wadl+xml
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 1188

POST
S 204 e Show response
s.seedtag.com/e/ 0
320 B 140ms
102ms XHR
text/plain 130.211.24.68
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/e
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/st_3.2d2a8b29d3ea3281d214.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.24.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 68.24.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:01 GMT
via: 1.1 google
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag: W/"0-1B2M2Y8AsgTpgAmY7PhCfg"
status: 204
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
access-control-allow-credentials: true
alt-svc: clear

POST
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q
api.logmatic.io/v1/input/ 11 B
268 B 40ms
32ms Other
application/json 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Requested by

Host: 184379-605899-raikfcquaxqncofqfm.stackpathdns.com
URL: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Credentials: true
Content-Length: 11
Content-Type: application/json;charset=UTF-8

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
117 B 12ms
11ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwNDQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMzYifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNzIifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxOSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MDEwMzIiLCJkb21haW5faWQiOiI4MzYxOSIsInVuaXQiOiJkaXYtZ3B0LWFkLXJvdWdlZnJhbWJvaXNlX2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTU0MTQyNjMzNCwiYWRfcG9zaXRpb24iOjExMTQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNmJlNTY0MTktYjI4My00ZjI1LTc0MTUtZGY0MWQ3NTk1NTcyIiwiY29tcF9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI4MCJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:03 UTC

GET
S 200 greenoaks.gif
www.rougeframboise.com/detroitchicago/ 43 B
70 B 11ms
11ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2YmU1NjQxOS1iMjgzLTRmMjUtNzQxNS1kZjQxZDc1OTU1NzIiLCJkb21haW5faWQiOiI4MzYxOSIsInRfZXBvY2giOjE1NDE0MjYzMzQsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNmJlNTY0MTktYjI4My00ZjI1LTc0MTUtZGY0MWQ3NTk1NTcyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ0X2Vwb2NoIjoxNTQxNDI2MzM0LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIyNiJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTcxMiJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMTMifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTAxNyJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjMzMjgifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNjMzMCJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:02 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
319 B 128ms
127ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=577185591693977&output=json_html&callback=googletag.impl.pubads.callbackProxy17&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=4&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D280%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B20%252C21%252C22%252C23%252C24%255D%26lb%3D750&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426342507&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=808&adk=1481145426&uci=h&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a0b80eec040e655250b4007901cdeea964d704b8c84cdb9b23fe1b5cd95a4e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 241
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
328 B 105ms
104ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2077019798973489&output=json_html&callback=googletag.impl.pubads.callbackProxy18&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=4&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D1000%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D1200&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426342514&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2029&adk=3848954464&uci=i&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=19&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

eb07706c3893ae7fa3031b0cb999b668e2a933a2f34444455ca7070125bfb04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 249
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
324 B 97ms
97ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=3000171149984789&output=json_html&callback=googletag.impl.pubads.callbackProxy19&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-4&sz=728x90&rc=4&scp=iid7%3D601032%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-2%26ic%3D5%26at%3Dbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D9%26al%3D1022%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-4-601032%26bv%3D13%26br1%3D0%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B17%252C18%252C19%252C20%255D%26lb%3D50%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426342540&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=3118&adk=1628039811&uci=j&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3db915c22a87624bc806ab52631af5dc724009c1c3e6b1146cece9c1601efe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 249
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 200 log Show response
api.adrock.tv/ 257 B
599 B 54ms
53ms Fetch
application/json 54.230.129.100
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adrock.tv/log
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-100.ams50.r.cloudfront.net
Software: /
Resource Hash: 45a7f18a1d1200382708a111b1e9c70bab9025a6c8afad3c6f6ba258406c40c9

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
via: 1.1 8e55f0de4d538f549650ba46e729188c.cloudfront.net (CloudFront)
x-amzn-requestid: f37e3967-e102-11e8-9ebf-e3f1b755c69b
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5be04ca6-df055144565f12c8040d3254
x-amz-apigw-id: P5DqCGmojoEFW_A=
content-length: 257
x-amz-cf-id: 5CPHll_Jzq40Xr8xId2fKhq_3M8W1hZvHknZQt6UtZgRNfj5HRnPOA==

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 70ms
69ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:59:02 GMT
X-SMRT-D: 3%3b22%3b85
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
222 B 41ms
40ms XHR
text/plain 178.250.0.93
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=61&profileId=207&av=8&cb=48058341462
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Server: 178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Date: Mon, 05 Nov 2018 13:59:01 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Vary: Origin

GET
H/1.1 200
OK hb Show response
ad.360yield.com/ 3 KB
2 KB 87ms
86ms XHR
application/json 18.184.58.214
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/hb?jsonp={%22bid_request%22:{%22id%22:%2215a81c09a31a273%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%221475656e3975ce9%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%225d667125-c24e-490d-8c20-ea728d6dad54%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.58.214 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-58-214.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8e26d3ff02d13db71315ea28cb30407449c769d2df7c5211541348def1e27dca

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 05 Nov 2018 13:59:02 GMT
Content-Encoding: gzip
Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 1684

OPTIONS
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q Show response
api.logmatic.io/v1/input/ 1 KB
2 KB 49ms
48ms Fetch
application/vnd.sun.wadl+xml 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Requested by

Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

9f0c0c2177633c3c5b6f503ad7d4311bd981f4caf03217efb2eb0640b226ecd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Access-Control-Request-Method: POST
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 05 Nov 2018 13:59:02 UTC
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,HEAD
Content-Type: application/vnd.sun.wadl+xml
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 1188

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 16ms
12ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:02 UTC

POST
S 200 auction Show response
ingestion-gateway-test.adr0ck.com/api/ingestion/ 19 B
237 B 176ms
171ms XHR
application/json 54.77.188.87
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ingestion-gateway-test.adr0ck.com/api/ingestion/auction
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/monitoring.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.188.87 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-188-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a1cf563219a3ca3f228ef729426eaa32c7e83c7c8c0a184cbe0af5878c80c065

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
status: 200
etag: W/"13-6yKjFbukBzpQCoI7WuOSr+0d1ks"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
access-control-allow-credentials: true
content-length: 19

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 17ms
12ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:02 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 13ms
12ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjAxMDMyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:02 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:03 UTC

POST
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q
api.logmatic.io/v1/input/ 11 B
268 B 38ms
37ms Other
application/json 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Credentials: true
Content-Length: 11
Content-Type: application/json;charset=UTF-8

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
315 B 107ms
106ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=4437183045759291&output=json_html&callback=googletag.impl.pubads.callbackProxy20&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=5&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D60%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B17%252C19%252C20%252C21%252C22%252C23%252C24%255D%26lb%3D280&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426343708&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=808&adk=1481145426&uci=k&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=21&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b687af930d137b8f4a55591699792911a3bf952e912d89f183e202168d6325e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 240
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
323 B 116ms
115ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2403253153028415&output=json_html&callback=googletag.impl.pubads.callbackProxy21&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=5&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D750%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D1000&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426343757&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2029&adk=3848954464&uci=l&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5be3240da11f4345a109e5b16307dfa21234d0f691a6d826415846be34eb2542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 248
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
327 B 49ms
49ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=1464654684146804&output=json_html&callback=googletag.impl.pubads.callbackProxy22&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-4&sz=728x90&rc=5&scp=iid7%3D601032%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-2-2%26ic%3D6%26at%3Dbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D9%26al%3D1022%26compid%3D1%252C4%26tap%3Drougeframboise_com-medrectangle-4-601032%26bv%3D13%26br1%3D0%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B17%252C18%252C19%252C20%255D%26ss38%3D1%26ss9%3D1%26nocompoverride%3D1&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426343763&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=3118&adk=1628039811&uci=m&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=23&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

af93d3106fae1f18ffed9bd4f1afc200b50c741a2b50834a121bd3d5992e7c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 248
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
93 B 14ms
14ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNiJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:03 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:03 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 8ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNiJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:03 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:03 UTC

POST
S 200 log Show response
api.adrock.tv/ 257 B
599 B 84ms
83ms Fetch
application/json 54.230.129.100
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adrock.tv/log
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.129.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-129-100.ams50.r.cloudfront.net
Software: /
Resource Hash: 28051d9190174226872327dbb91931cfd76f93a94045b9b016b6fe1823b4bb92

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:04 GMT
via: 1.1 8e55f0de4d538f549650ba46e729188c.cloudfront.net (CloudFront)
x-amzn-requestid: f455fc65-e102-11e8-9ebf-e3f1b755c69b
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5be04ca8-2f5df54cbf99d0ecc555f92c
x-amz-apigw-id: P5DqQGuXjoEFW_A=
content-length: 257
x-amz-cf-id: JNClp5OpxFMGJlI5gA_XleeKpuUnkJB2URmPpV4nHgd1LOJKxKQAeg==

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
222 B 16ms
15ms XHR
text/plain 178.250.0.93
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=61&profileId=207&av=8&cb=80611520857
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Server: 178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Date: Mon, 05 Nov 2018 13:59:03 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Vary: Origin

GET
H/1.1 200
OK hb Show response
ad.360yield.com/ 3 KB
2 KB 49ms
48ms XHR
application/json 18.184.58.214
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/hb?jsonp={%22bid_request%22:{%22id%22:%222302557aec12e52%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22203b635f39e7b11%22,%22currency%22:%22EUR%22,%22pid%22:%221162553%22,%22tid%22:%22c24d7d2f-8950-4190-b443-5e4172053570%22,%22kvw%22:{%22GDPR%22:[%22%22]},%22banner%22:{}}]}}
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.58.214 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-58-214.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6baa5c03c896a723db1f4aff4fcc725802e7fce5107aee651b57f8488bc6b6ea

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 05 Nov 2018 13:59:04 GMT
Content-Encoding: gzip
Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 1709

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 224ms
223ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Nov 2018 13:59:03 GMT
X-SMRT-D: 3%3b22%3b60
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

OPTIONS
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q Show response
api.logmatic.io/v1/input/ 1 KB
2 KB 36ms
35ms Fetch
application/vnd.sun.wadl+xml 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Requested by

Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/default.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

9f0c0c2177633c3c5b6f503ad7d4311bd981f4caf03217efb2eb0640b226ecd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Access-Control-Request-Method: POST
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 05 Nov 2018 13:59:04 UTC
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,HEAD
Content-Type: application/vnd.sun.wadl+xml
Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 1188

POST
H/1.1 200
OK wcfozTYOTVSi87CxKzIO3Q
api.logmatic.io/v1/input/ 11 B
268 B 33ms
32ms Other
application/json 13.74.157.134
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.logmatic.io/v1/input/wcfozTYOTVSi87CxKzIO3Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.74.157.134 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Credentials: true
Content-Length: 11
Content-Type: application/json;charset=UTF-8

POST
S 200 auction Show response
ingestion-gateway-test.adr0ck.com/api/ingestion/ 19 B
237 B 108ms
108ms XHR
application/json 54.77.188.87
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ingestion-gateway-test.adr0ck.com/api/ingestion/auction
Requested by: Host: cdn.adrock.tv
URL: https://cdn.adrock.tv/tag/monitoring.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.188.87 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-188-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a1cf563219a3ca3f228ef729426eaa32c7e83c7c8c0a184cbe0af5878c80c065

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Nov 2018 13:59:04 GMT
status: 200
etag: W/"13-6yKjFbukBzpQCoI7WuOSr+0d1ks"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
access-control-allow-credentials: true
content-length: 19

GET
S 200 greenoaks.gif
www.rougeframboise.com/detroitchicago/ 43 B
117 B 7ms
7ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI2YmU1NjQxOS1iMjgzLTRmMjUtNzQxNS1kZjQxZDc1OTU1NzIiLCJkb21haW5faWQiOiI4MzYxOSIsInRfZXBvY2giOjE1NDE0MjYzMzQsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiNjI1MDAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMSJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIxMjgwMjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjY1NDQ0NjUifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiNDEyOSJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:04 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:07 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
316 B 110ms
110ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=1566990834426617&output=json_html&callback=googletag.impl.pubads.callbackProxy23&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=6&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-2%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D0%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B17%252C18%252C19%252C20%252C21%252C22%252C23%252C24%255D%26lb%3D60%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426344831&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=808&adk=1481145426&uci=n&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=24&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1bf6cc415ca7f68867ff5f7230d7c7bb8f8fe1c343162c89c7ea792cbeae20fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 241
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
323 B 98ms
97ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=553142844424178&output=json_html&callback=googletag.impl.pubads.callbackProxy24&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=6&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D550%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D750&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426344895&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=2029&adk=3848954464&uci=o&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=25&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8f5879c1004551818094bfbf7aaa66a040724c75e7020df90ae217c8d5a9ef43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 248
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
94 B 9ms
9ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:04 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:05 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
93 B 14ms
14ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:05 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:05 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
315 B 50ms
50ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2147364733204349&output=json_html&callback=googletag.impl.pubads.callbackProxy25&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-box-3&sz=250x250&rc=7&scp=iid7%3D660141%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1112%26sap%3D1112%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-2-2%26ic%3D8%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D1%252C4%26tap%3Drougeframboise_com-box-3-660141%26bv%3D15%26br1%3D0%26br2%3D0%26ezoic%3D1%26stl%3D4%26deal1%3D%255B17%252C18%252C19%252C20%252C21%252C22%252C23%252C24%255D%26ss38%3D1%26ss9%3D1%26nocompoverride%3D1&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426345950&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=668&ady=808&adk=1481145426&uci=p&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=0000FF&color_text=000000&color_url=828282&ifi=26&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x-1&msz=250x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f503abf7fad110b1008da995d0c1bc5c491e6c778ee08278a4c068f52cefebde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 240
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
329 B 107ms
107ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2927074755794402&output=json_html&callback=googletag.impl.pubads.callbackProxy26&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=7&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D8%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D350%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B21%252C22%252C23%255D%26lb%3D550&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426346055&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=1749&adk=3848954464&uci=q&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=27&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4ca0743254bf6cd319be97a10d5febddd74d37c48b361be31f2727110db2b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 251
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
117 B 9ms
9ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiOCJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:06 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:06 UTC

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
70 B 7ms
7ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwNDQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6Ii0xIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiItMSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjQyOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTc0OSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYwMTQxIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tYm94LTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6Ii0xIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiItMSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjAxMDMyIiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTQtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6Ii0xIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiItMSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19XQ==
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:06 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:06 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
412 B 113ms
113ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=2140906187292006&output=json_html&callback=googletag.impl.pubads.callbackProxy27&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=8&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D9%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D200%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B20%252C21%252C22%252C23%255D%26lb%3D350&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426347171&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=1749&adk=3848954464&uci=r&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=28&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

65bdf97ff2df793961d334f1a1ec3f0fd71f0108ca94a54c4b16b7b6bf31fb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 250
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
93 B 17ms
17ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiOSJ9XX1d
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:07 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:07 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
522 B 110ms
110ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=382554610047749&output=json_html&callback=googletag.impl.pubads.callbackProxy28&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=9&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21%26ic%3D10%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D100%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B17%252C20%252C21%252C22%252C23%255D%26lb%3D200&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426348292&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=1749&adk=3848954464&uci=s&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=29&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2a4613fdcd8363eed8f3c8f55519af1f0580d9aeae73807aaaa02237bca0e570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 249
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
117 B 8ms
8ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMTAifV19XQ==
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:08 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:08 UTC

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 355 B
326 B 114ms
114ms XHR
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2192612728451190&correlator=1178810092800302&output=json_html&callback=googletag.impl.pubads.callbackProxy29&impl=fif&adsid=NT&eid=21061645%2C21060374%2C21061864%2C21062715%2C21062069&vrg=270&guci=1.2.0.0.2.2.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-30&iu=%2F1254144%2Frougeframboise_com-medrectangle-3&sz=728x90&rc=10&scp=iid7%3D661944%26t%3D134%26d%3D83619%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-2%26ic%3D11%26at%3Dbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D120%26ga%3D2497208%26rid%3D99998%26pt%3D8%26al%3D1021%26compid%3D0%26tap%3Drougeframboise_com-medrectangle-3-661944%26bv%3D1%26br1%3D0%26br2%3D0%26ezoic%3D1%26stl%3D25%26deal1%3D%255B17%252C18%252C19%252C20%252C21%252C22%252C23%255D%26lb%3D100%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D63cbb1ec51d356c3%3AT%3D1541426337%3AS%3DALNI_MbInyBLYb0-2DgjK7kk9T35EGRbSw&cookie_enabled=1&bc=7&lmt=1541395600&dt=1541426349418&dlt=1541426335767&idt=1418&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=1749&adk=3848954464&uci=t&gut=v2&color_bg=FFFFFF&color_border=FFFFFF&channel=1829865571&color_link=20929A&color_text=000000&color_url=F0F0F0&ifi=30&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&dssz=94&icsg=211827787100672&std=0&vis=1&scr_x=0&scr_y=0&psz=1150x-1&msz=728x-1&psts=CgA%2CCgA%2CCgA&ga_vid=1379945631.1541426336&ga_sid=1541426337&ga_hid=1392078546&ga_wpids=UA-107998044-27&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_270.js?21062715

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

96249cc7f835a8974a30622bee4f18f6fb8f37cce2d2a581ea5f19eeb5935ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
Origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com

Response headers

date: Mon, 05 Nov 2018 13:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 251
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 army.gif
www.rougeframboise.com/porpoiseant/ 43 B
117 B 7ms
7ms Image
image/gif 52.58.106.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rougeframboise.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjYxOTQ0IiwiZG9tYWluX2lkIjoiODM2MTkiLCJ1bml0IjoiZGl2LWdwdC1hZC1yb3VnZWZyYW1ib2lzZV9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE1NDE0MjYzMzQsImFkX3Bvc2l0aW9uIjoxMTEzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjZiZTU2NDE5LWIyODMtNGYyNS03NDE1LWRmNDFkNzU5NTU3MiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMTEifV19XQ==
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.106.139 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-106-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 05 Nov 2018 13:59:09 GMT
server: nginx/1.14.0
vary: Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 43
expires: Sun, 04 Nov 2018 13:59:09 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.scorecardresearch.com
URL: https://b.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1541426337175&ns_c=UTF-8&cv=3.1&c8=Rouge%20Framboise%20-%20astuces%20beaut%C3%A9%2C%20sant%C3%A9%2C%20cuisine%20et%20bien-%C3%AAtre&c7=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&c9=

Domain: b.scorecardresearch.com
URL: https://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1541426340571&ns_c=UTF-8&cv=3.1e&c8=Rouge%20Framboise%20-%20astuces%20beaut%C3%A9%2C%20sant%C3%A9%2C%20cuisine%20et%20bien-%C3%AAtre&c7=http%3A%2F%2F184379-605899-raikfcquaxqncofqfm.stackpathdns.com%2F&c9=

Verdicts & Comments Add Verdict or Comment

460 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-19 04:56:02	Name: CMRUM3 Value: 5a5be04ca42760B780FD9FA44CE05BA1616C3602247711&275be04ca40b40&395be04ca42760639863006193181786&035be04ca42760de3f5be0-413c-4a00-9462-c5c2ae731bab&305be04ca405a0&045be04ca527602451783173864772433&4d5be04ca427608455ce8ff554c55daa465fdf5aff347d&585be04ca42760W_BMpAAAAMNH3U7X
.casalemedia.com/	1970-01-18 22:20:02	Name: CMPS Value: 3216
.casalemedia.com/	1970-01-19 04:56:02	Name: CMID Value: W.BMpLlQJrkAABtARSgAAABJ
.casalemedia.com/	1970-01-18 20:11:52	Name: CMST Value: W+BMpFvgTKUA
.turn.com/	1970-01-19 00:29:38	Name: pds Value: 17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840%2C17840
.turn.com/	1970-01-19 00:29:38	Name: pxs Value: 173614712%2C172291685%2C172291680%2C172291681%2C172291683%2C172291727%2C172291695%2C172291689%2C172291722%2C172291723%2C172291691%2C172291669%2C172291670%2C172291729%2C172291678%2C172291674%2C172291738%2C172291707
ad.turn.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7D2584E6C01117C9A1AAC1D1B27DFACE
.openx.net/	1970-01-19 04:56:02	Name: i Value: f2652a88-602e-4834-ab96-0a6c4a3f81f3\|1541426340
.turn.com/	1970-01-19 00:29:38	Name: uid Value: 2524122242879411025
.pubmatic.com/	1970-01-18 20:53:38	Name: KRTBCOOKIE_22 Value: 14911-pcv:1\|uid:2451783173864772433&KRTB&16087-pcv:1\|uid:2451783173864772433&KRTB&23049-pcv:1\|uid:2451783173864772433
presentation-sjc2.turn.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3F7A6F4E4114F9FC6DF2E1C6D4E9888A
.pubmatic.com/	1970-01-18 20:53:38	Name: PugT Value: 1541426341
.casalemedia.com/	1970-01-18 22:20:02	Name: CMPRO Value: 1142
.smartadserver.com/	1970-01-19 05:39:14	Name: TestIfCookieP Value: ok
.pubmatic.com/	1970-01-18 20:53:38	Name: KRTBCOOKIE_336 Value: 5844-7024314200006180408
.smartadserver.com/	1970-01-18 20:11:52	Name: sasd Value: %24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d91710%3b%24qpp%3d%3b%24qt%3d25_176_6076t%3b%24dma%3d0
.pubmatic.com/	1970-01-18 22:20:02	Name: KRTBCOOKIE_80 Value: 16514-CAESEPHd0hbIjXwYChP-ki0pRMw&KRTB&22987-CAESEPHd0hbIjXwYChP-ki0pRMw&KRTB&22995-CAESEPHd0hbIjXwYChP-ki0pRMw&KRTB&23025-CAESEPHd0hbIjXwYChP-ki0pRMw
.pubmatic.com/	1970-01-18 22:20:02	Name: KRTBCOOKIE_377 Value: 22918-6ba14eca-e5fc-4efc-b338-843c57631dd3&KRTB&23031-6ba14eca-e5fc-4efc-b338-843c57631dd3
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/	1969-12-31 23:59:59	Name: ezouspva Value: 2
.pubmatic.com/	1970-01-18 22:20:02	Name: KRTBCOOKIE_18 Value: 22947-640425955101507753
.pubmatic.com/	1970-01-18 20:53:38	Name: KRTBCOOKIE_27 Value: 16735-uid:9e865be0-416b-4a00-a75a-dd30e45d631f&KRTB&16736-uid:9e865be0-416b-4a00-a75a-dd30e45d631f&KRTB&23019-uid:9e865be0-416b-4a00-a75a-dd30e45d631f
.pubmatic.com/	1970-01-18 20:53:38	Name: KRTBCOOKIE_466 Value: 16530-6ca7dd3a-514e-4003-9372-ecdc995120af&KRTB&16532-6ca7dd3a-514e-4003-9372-ecdc995120af
.adnxs.com/	1970-01-18 22:20:02	Name: uuid2 Value: 349572110554642194
.doubleclick.net/	1970-01-19 13:41:38	Name: IDE Value: AHWqTUnpKmVPa311JjuskSL4IQ5MyR0DQ5aTi6jt6RoxkBfo1R0dAs_uH1h-9jEM
.pubmatic.com/	1970-01-18 22:20:02	Name: KRTBCOOKIE_57 Value: 22767-349572110554642194&KRTB&22776-349572110554642194
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 238404=8334179
.smartadserver.com/	1970-01-18 20:11:52	Name: sasd2 Value: q=%24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d91710%3b%24qpp%3d%3b%24qt%3d25_176_6076t%3b%24dma%3d0&c=1&l=125067878&lo=-348334080&lt=636770267439801645&o=1
.smartadserver.com/	1970-01-19 05:39:14	Name: csync Value: 117:f7fbe62177f090459d9ac240617235c6\|75:3f1cdecc-56e3-4539-b23c-9bd4bc993f3f\|114:Tagg_98692_505879336455\|111:3737669618283368\|113:OPTOUT\|32:2451783173864772433
.smartadserver.com/	1970-01-19 05:39:14	Name: pdomid Value: 22
.pubmatic.com/	1970-01-18 20:53:38	Name: KRTBCOOKIE_391 Value: 22924-6194014885741689797
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
184379-605899-raikfcquaxqncofqfm.stackpathdns.com/	1970-01-19 04:56:02	Name: ezux_lpl_83619 Value: 1541426342101\|6be56419-b283-4f25-7415-df41d7595572
.pubmatic.com/	1970-01-18 22:20:02	Name: KADUSERCOOKIE Value: D6074FDD-EFE8-46C3-8985-9F0775483615
.adform.net/	1970-01-18 21:36:50	Name: uid Value: 6194014885741689797
.pubmatic.com/	1970-01-18 20:53:38	Name: SPugT Value: 1541426341
.casalemedia.com/	1969-12-31 23:59:59	Name: CMSC Value: W+BMpA**
.stackpathdns.com/	1970-01-18 20:10:34	Name: _fbp Value: fb.1.1541426340862.2127552863
.smartadserver.com/	1970-01-19 05:39:14	Name: pid Value: 3771381589323047702
.pubmatic.com/	1970-01-18 22:20:02	Name: PUBMDCID Value: 3

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	(Line 1) Message: AST library loaded: 0.18.0
console-api	log	URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js(Line 1) Message: PixelYourSite PRO version 7.0.4.1
console-api	log	URL: https://184379-605899-raikfcquaxqncofqfm.stackpathdns.com/wp-content/cache/min/1/e3faa4488b89216bcb7ee9e5068ba6ea.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	error	URL: https://config.seedtag.com/st_3.2d2a8b29d3ea3281d214.js(Line 16) Message: Cannot read property 'setItem' of null
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

184379-605899-raikfcquaxqncofqfm.stackpathdns.com
acdn.adnxs.com
ad.360yield.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.adrock.tv
api.logmatic.io
api.pubstack.io
assets.pinterest.com
b.scorecardresearch.com
bidder.criteo.com
cdn.adrock.tv
cdn.elasticad.net
cdn.taboola.com
config.seedtag.com
connect.facebook.net
contextual.media.net
cs.seedtag.com
csync.smartadserver.com
de5zarwna0j2q.cloudfront.net
edge.quantserve.com
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezoic.net
googleads.g.doubleclick.net
h.mnet-ad.net
ib.adnxs.com
ingestion-gateway-test.adr0ck.com
lg3.media.net
log.pinterest.com
maxcdn.bootstrapcdn.com
middycdn-a.akamaihd.net
navvy.media.net
onesignal.com
pagead2.googlesyndication.com
pixel.quantserve.com
prg.smartadserver.com
rules.quantcount.com
s.seedtag.com
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
storage.googleapis.com
tag.leadplace.fr
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.rougeframboise.com
yield-manager.browsiprod.com
b.scorecardresearch.com
104.18.134.145
104.18.135.145
13.74.157.134
130.211.24.68
147.135.143.44
151.101.121.108
151.101.192.84
151.101.194.2
151.101.2.2
151.139.243.1
178.162.133.150
178.250.0.93
178.250.2.130
18.184.58.214
18.185.153.197
18.194.201.158
185.33.223.216
185.86.137.17
2.16.186.113
2.16.186.57
209.197.3.15
216.58.208.34
23.8.170.84
2600:9000:2002:fc00:2:cb38:840:93a1
2600:9000:2048:1200:6:44e3:f8c0:93a1
2606:4700::6810:cea5
2a00:1450:4001:815::2001
2a00:1450:4001:815::2003
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2004
2a00:1450:4001:81b::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:81b::2010
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9d
2a02:26f0:eb:182::c09
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1d::84
35.162.124.189
50.18.89.175
52.58.106.139
54.230.129.100
54.230.129.119
54.230.129.232
54.230.129.53
54.230.129.86
54.77.188.87
54.93.83.146
88.221.144.8
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0194b46a483c10715677cb8832833030dcf7597644277ebe473030e3f749152b
026610e4d329e0db1dc68a69334f3d6d8045af498789ab1641ebcb055e99a6df
02d92b2381e9b1d9e527a2351cf0c5aa99d9184399e493e0780a99efe010bd0f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073da4ebdd74940b4f28210d9c233722a80aabdd90d0fce38781baf5ccc71dea
08b3872bc9a3575856d8453df7a8dbbf8d73f295571cbcab789bf1ae78f4163a
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09ba444df249598b50bd18a6e3a8f8c55c21fd6304e53a54ad7b4a40cdd0166c
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60
0bd0fe27fb7e18f67257fda18bc131ef515d0f55e5b080b51769331e8ab4a335
0ca3d7a0dff0ec30b0ca655467935d7b828ec48ce450b9a23b7377f5e7f9242a
0e8320bb2e6f5a4855cfc2d4e6f153a002ff6286a27b182666d2206c3e2ec617
1038c93dd2c359445cc521c4c9c8a3caff85344aac518020ca1c0a8036cf24f1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114f44d4cfdc554321cfbc1ac178ef14175715840f5d91c8f865765061a1e6ea
11912bef053a40c4c964ebf78e7a373366d04cbbb8dbcb49e9c96281da02d97c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
1bf6cc415ca7f68867ff5f7230d7c7bb8f8fe1c343162c89c7ea792cbeae20fc
1e96400ab047713c9d8ca2120a6f46c251152a229981352fd9035741283fd41a
1e96ceaf42ad1841de8e2c83077f7e28827e655a612980b3073678ca172896d0
21c0aadf96f6847a8b84ec6ed636a3ba1d9f5b85a2ab75e07576e396a3d07982
254b578219512d33de217dafd8bae119a2af8ec1124e0f2f69a4648a545f9779
257a9f4f7aa4129ef3d6f4163a5df27f0e300c747ba8d484786322b6e94b81bd
27bf85f7c0e341539559eada12383b08b9c9802d781f7c70b3eebf361faab69e
27c9408fc23ac3dfc71b8ccc271cd4259db970ab45ce2a18deaa22072d473e95
28051d9190174226872327dbb91931cfd76f93a94045b9b016b6fe1823b4bb92
29fc84934b88bc2b0775cd250653124451989c54ad68c37fe1e1dd9180c70fae
2a4613fdcd8363eed8f3c8f55519af1f0580d9aeae73807aaaa02237bca0e570
2a8d8619d541e79d007f77045f32d473a0c6932eff8f01204d3075dc0fcf2643
2c28e2cddbfbed4d09a2dca13524eee15c65b340d2d0587e353be940b8a51bce
2e3711876e494fc59c7a8f40ba15dc2283efc3f038a72df47ea2e0a13f65d70f
35255a2fec94954ac4e3ccfaa25e511dbb734daa14a8cf7f97daacbb60847351
35305baa7954f236abefe03c60bd3e9f049ef99e37f5095ae51b0323865aade8
3580c425234432307ba689cf9b2a30bd41250ebe625835737097ba4e8e4887ab
3e1a11bc76588675b194d3ea3e09bdee153d44e186e2cef01a922d14409cd193
3f275b5815ecd7259e3edc7f777fd0f51bd64f644ac361cc0cc74adc7f5807e1
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
405f41764f656c44d87efc7da1dc49cdb112a0e641f66cd5c123cd0ac6843d0c
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
4102e6fb6b2d6d5232697d10efaa8a01f1d99fdce1fc71ae7561a7001a40bf8c
41eff279c73493a21585b9af2208c459826a367d9157594199b7777d3f373a65
42a46510fc273560e4264ee503077fe6f33bd06aed726ff77bbbcfcffb9a072c
45a7f18a1d1200382708a111b1e9c70bab9025a6c8afad3c6f6ba258406c40c9
466d2b29f247dbc0e604947617a57648f41f9def02b7aad22dcc51e610a3a445
4a852a0ad7eca32bb2ac682bf3925f5965673d91f38fa810747e60029ed91029
4a93697ddf124cfc25b2fba575947c3baaf4a993ddf94b9201ed960c596b5307
4b8608197d2e1977faa360a6e5645353c35c33a0ca0cbfa864035e8925d7ec5d
4dca9b4626ba6d61a97c3d2288bbf3734391c8e5613ab95638ed1e94c37f0ab0
516b065177d1546683627fa32c8574fd59edc3eb3bf92cef5882d53e58d7a1f2
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
53da49b29ac83e2f3aeeb377a7c3fec923175b5de40e19378cd18da80e34208b
540e1572968ea9bdfbe1cc3a476e82869b6bbd7b44788e63b111fcca36ac35e9
541fe3fd9a8d08b36e53f188860f96bb65036aa20fa5302b0d61e587a4a12dff
54af46f306964af72da59c1d80240015e8f1bec1d723a259bb0e8944f30786b0
55c8072d97ca03cbe2754a2d2291edb7944a27a08706ab332da8b68f926d9b85
56d1b8c29a1809ff2c130aee87363cfc448928d06c61789a553fdd160b157599
5be3240da11f4345a109e5b16307dfa21234d0f691a6d826415846be34eb2542
5c44be7bf1b0b598851d837b7c40b3f0675fe7ec8db084c11a9789ecab57bd30
5c4fa235e59c45d44eae74fbb4f751e4588ce789f0f3fab69077f2bea47d8d2c
5cbc2f768a68e81ab54b5b9552b81ca5c21e679e8903e6b4205c14da340abdce
5de028249e0d9f7db944aa2a9b9f0309c6b0c30aefaa1dba84a0fb6dfc27dab6
6188aab5bce3f692562099f513d9b84f3e06874d5cc73ec352d73b11aeb599dc
6539edc020d1c5f2e90dedcdb9e972221044a578c7ca03c1482d6a05d1c67cdd
65bdf97ff2df793961d334f1a1ec3f0fd71f0108ca94a54c4b16b7b6bf31fb23
67ed99ae98400f21038e309049c91b5f8f33eeffcac26c8ae9676b6adac1bee6
684241120ce4649a3769b4c57c99fcb7b5ba2d8cd72985c7587873f9583c2402
6a4c80d0f006a94dcd4d4691c43efbc380f6e1961a4f4ddbacf6793eccb63d78
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6baa5c03c896a723db1f4aff4fcc725802e7fce5107aee651b57f8488bc6b6ea
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a2dbb0ad7d76412ef2951d255ac1e259003aa89f867a8b77a3c021d07867d82
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7fcc903f2c39e3103753a65ae0cbc1476c5496ed207fd2977b3478f6ad020c7c
84538371bea413019f276c46792d99b3c0d62811dc50680f4734bb0101c13875
85ac97d1f738ae830c0951515015d4f83f694eefff40a05e7a456b61c29ea41b
872691e0bb2abb68e66674a5aabd2e3aa9f0fcf33f1e7ede7ebbd679a3341900
89cedabf98f934fb03aee0bc6c42d476f48631f64ffe8e314913b7ab4bbfc44a
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
8e26d3ff02d13db71315ea28cb30407449c769d2df7c5211541348def1e27dca
8f5879c1004551818094bfbf7aaa66a040724c75e7020df90ae217c8d5a9ef43
9147e1b9298e9b7cfc6e80210d0a1b935730f41b2638acb25523c262f21d4a4a
91a4d01ff5e47ae4ac7a607c8641e6d70c5e6a84426b0703de3718c027383678
96249cc7f835a8974a30622bee4f18f6fb8f37cce2d2a581ea5f19eeb5935ba0
9f0c0c2177633c3c5b6f503ad7d4311bd981f4caf03217efb2eb0640b226ecd4
a0b80eec040e655250b4007901cdeea964d704b8c84cdb9b23fe1b5cd95a4e0e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cf563219a3ca3f228ef729426eaa32c7e83c7c8c0a184cbe0af5878c80c065
a249feb995e16d0b75057a0eb0cdbf5991464113846f559924016b2a2a66f682
a2d5ae97c1b1dda217392678a45fbde9f9fa923b2071803e003cf861c61aaef3
a4ca0743254bf6cd319be97a10d5febddd74d37c48b361be31f2727110db2b47
a6b5d16ab443740b17df9822107e88d89a9d78dae4b0a30252a52bcd50e545cb
a7aa57eb02668bc4f802ac97f659272009e04165f847bfd8bbf638b77e38889d
a83337b6e00d3ecaaa8ba439cdbf9238f6a4f520b96e71854ef3005b810a2306
a9a58b1e33c7bfcd6a07bdcb98033babdcc28f48e597daaeeff82ab842dee5ad
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
ab67c2c1aa802ff10252498e770a74dbb20bb666de3a71b581e6db196b139c06
af93d3106fae1f18ffed9bd4f1afc200b50c741a2b50834a121bd3d5992e7c73
b14e2aff2a082ea8d03b5eb5fc109ea42f8ad953b657e8f1a9f60b1d0062f702
b687af930d137b8f4a55591699792911a3bf952e912d89f183e202168d6325e7
b79877d6740e93b09467eb1e1bd7425b342dab96967f585ea71ceb874b5c798a
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
b93794c72f8d82448d877c23444ae54a3398404d6b7026505df4e2868a27cb15
bcd65f2fe5a8dfae8d4ae06db7f5754e756b05318a197ee63246d3e870c45664
bf4fbac5933f6e38978b543c697ef1bb3be9742b399f7bc63dec4ea1f6c4eb88
bfb3ff6ce6c733e0199df8b79b31bc3200a86313219b5a3c2e5dbff8fbdbbb44
c10e8c8c1133fa3f45547c987c643f861f75d8fb9efa4efafcd68e8565b78ee9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb287e999f163c7b8c6dcfdb34d9215e7c6f0587e5a80036459c2463e093b74a
cd40bc3d6036a67ba50e593d8a6ff0d377c78697cde984b54c626470790abc47
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c
d1a233329358c4617a15628f57abc91fdef629946a513e2b6bbe8d0e9a84775b
d2520aaaccb2d995f10fbce437d8c943336a8e05a4514608a6f09f5f4f10580a
d58f3dbaddb66bc8b5b0891921ad568cc9b5b6e4bfc99392754c2ef5356422d2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddabebcdd17d5d3d3468c3c86fa3ba1ffc591478041369d2c3fe438ea8e47572
df801a6e8b43f44898330d0c7cbfc59ece4c8c67d6f6a3a730c9a512eb3b13e7
e3138a580cf1eec18a5a86a4742f18db03f53755c497c921e57fa55fc5b977f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db915c22a87624bc806ab52631af5dc724009c1c3e6b1146cece9c1601efe3
eb07706c3893ae7fa3031b0cb999b668e2a933a2f34444455ca7070125bfb04c
ecfcd34dc34546d340537898228e11275cb350584d958b5eb959ac19f35bb214
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff5c71509012478f898d23b9dd40880deaa177994c274541a31002d6b57bc0e
f503abf7fad110b1008da995d0c1bc5c491e6c778ee08278a4c068f52cefebde
f50995c344f06888ccb0b52f1744e0619d18c372e33a1ac2de9b65ccaf8a2873
f7739b424d4acd048d584bf1bfa99a1ea5481989d1abb8948e9bf571729f2c72
f8a3399e4886015e3fa0fe1be7adda872ea163f264618713c4d117737dd58a85
f9adebeb75d9ff6fe47bf8765862b57a276448cebeb8feb7d69baf07b886f420
fa0d5b8b17aaa61e6b9d3c66ec972796fe24315e5f1260e4caecfbbf75a52ecb
fa326ab5b5351bcbffbb9df304938414e7d1a0ef6d4890330ec4a92f88911c96
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fef59d7a136506fbe8e3c50c622f0fb28d777ca210773b575e638d0617a001ae

184379-605899-raikfcquaxqncofqfm.stackpathdns.com Open in urlscan Pro 151.139.243.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

204 Requests

80 %HTTPS

38 %IPv6

39 Domains

57 Subdomains

54 IPs

7 Countries

6524 kBTransfer

10739 kBSize

39 Cookies

35 Outgoing links

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

184379-605899-raikfcquaxqncofqfm.stackpathdns.com Open in urlscan Pro
151.139.243.1 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

80 %
HTTPS

38 %
IPv6

39
Domains

57
Subdomains

54
IPs

7
Countries

6524 kB
Transfer

10739 kB
Size

39
Cookies

204 HTTP transactions
2 data transactions